Create Interactive Tour

Windows Analysis Report
https://www.cs.ru.nl/~F.vandenBroek/pub/scriΡtie.pdf

Overview

General Information

Sample URL:	https://www.cs.ru.nl/~F.vandenBroek/pub/scriΡtie.pdf
Analysis ID:	718031
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Drops files with a non-matching file extension (content does not match file extension)

Classification

Process Tree

System is w7x64

chrome.exe (PID: 2128 cmdline: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 6ACAE527E744C80997B25EF2A0485D5E)

chrome.exe (PID: 508 cmdline: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1044,10579008139269471097,5525965360181123181,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1448 /prefetch:8 MD5: 6ACAE527E744C80997B25EF2A0485D5E)

AcroRd32.exe (PID: 3532 cmdline: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Downloads\scriptie.pdf MD5: 2F8D93826B8CBF9290BC57535C7A6817)

RdrCEF.exe (PID: 3880 cmdline: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 MD5: 326A645391A97C760B60C558A35BB068)

chrome.exe (PID: 2472 cmdline: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "https://www.cs.ru.nl/~F.vandenBroek/pub/scriptie.pdf MD5: 6ACAE527E744C80997B25EF2A0485D5E)

cleanup

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=WP.289365

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9Rhg6wxb_xlljej_2ro.tmp

Jump to behavior

Source: classification engine

Classification label: clean0.win@38/11@3/6

Source: unknown	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1044,10579008139269471097,5525965360181123181,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1448 /prefetch:8
Source: unknown	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "https://www.cs.ru.nl/~F.vandenBroek/pub/scriptie.pdf
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Downloads\scriptie.pdf
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1044,10579008139269471097,5525965360181123181,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1448 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Downloads\scriptie.pdf	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\Downloads\c430504f-84f6-45ed-b1de-8e6155bdccc0.tmp

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

File opened: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\crash_reporter.cfg

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\Downloads\scriptie.pdf.crdownload

Jump to dropped file

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	11 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	1 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	3 Non-Application Layer Protocol	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	4 Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	1 Ingress Tool Transfer	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://www.cs.ru.nl/~F.vandenBroek/pub/scriptie.pdf	0%	Avira URL Cloud	safe

Name	IP	Active	Malicious	Reputation
accounts.google.com	142.250.186.45	true	false	high
clients.l.google.com	142.250.184.206	true	false	high
www.cs.ru.nl	131.174.9.227	true	false	high
clients2.google.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://www.cs.ru.nl/~F.vandenBroek/pub/scriptie.pdf	false	high
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc	false	high
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false	high
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.45	accounts.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
131.174.9.227	www.cs.ru.nl	Netherlands	1103	SURFNET-NLSURFnetTheNetherlandsNL	false
142.250.184.206	clients.l.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.255
127.0.0.1

General Information

Joe Sandbox Version:	36.0.0 Rainbow Opal
Analysis ID:	718031
Start date and time:	2022-10-07 06:03:10 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 42s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.cs.ru.nl/~F.vandenBroek/pub/scriΡtie.pdf
Analysis system description:	Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	2
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@38/11@3/6
EGA Information:	Failed
HDC Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Found PDF document Find and activate links Close Viewer

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, vga.dll, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.99, 34.104.35.123, 23.211.4.250, 80.67.82.97, 80.67.82.80
Excluded domains from analysis (whitelisted): ssl.adobe.com.edgekey.net, edgedl.me.gvt1.com, armmf.adobe.com, e4578.dscb.akamaiedge.net, acroipm2.adobe.com.edgesuite.net, a122.dscd.akamai.net, clientservices.googleapis.com, acroipm2.adobe.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
06:04:23	API Interceptor	1082x Sleep call for process: AcroRd32.exe modified
06:04:27	API Interceptor	64x Sleep call for process: RdrCEF.exe modified

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	modified
Size (bytes):	270336
Entropy (8bit):	0.0018885380473555064
Encrypted:	false
SSDEEP:	3:MsEllllkEthXllkl2zEMqllwK/t:/M/xT02zHe11
MD5:	7868D064A029E1C83FE064197DBB4EA1
SHA1:	C77DDB6DFE57979B89BA7AD1BCC098E3EDFF59B3
SHA-256:	B0541381A3ECF36E8BEEAAF96C17C03253967A212405FA3EA9BE88D3AF8689DF
SHA-512:	F40FF07033D4A227C6EA9664E3465886D2F8DF328CED56F27C9F56EFB73C84099A3D07513156FB532F22648697880DCA36BD4E13E1766595356D3867955DA588
Malicious:	false
Reputation:	low
Preview:	........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.203821418885342
Encrypted:	false
SSDEEP:	6:ja4xOgHN+q2PP2nKuAl9OmbnIFUtqMa4xcdZmwYMa4oVkwOP2nKuAl9OmbjLJ:ja4XovWHAahFUtNa4ad/La4A57HAaSJ
MD5:	2586DA576D254CF766AA7CF2E08F30EB
SHA1:	2B353C8E9D94B22A244D3CD9C96AADA9C9B4CA4A
SHA-256:	280C0D9BE17BCE6F9416896A0E6751675D220A3A16309878E26854127034E474
SHA-512:	8F1B5F9E08EA693467C9F5C9E4930FCD6BA3A352F0E36424CF424C130AB8603DC833DF337675BB6555663AFF73A16659DF572E41DF8672F468216DDA20D89B4D
Malicious:	false
Reputation:	low
Preview:	2022/10/07-06:04:29.420 3948 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2022/10/07-06:04:29.429 3948 Recovering log #3.2022/10/07-06:04:29.438 3948 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.203821418885342
Encrypted:	false
SSDEEP:	6:ja4xOgHN+q2PP2nKuAl9OmbnIFUtqMa4xcdZmwYMa4oVkwOP2nKuAl9OmbjLJ:ja4XovWHAahFUtNa4ad/La4A57HAaSJ
MD5:	2586DA576D254CF766AA7CF2E08F30EB
SHA1:	2B353C8E9D94B22A244D3CD9C96AADA9C9B4CA4A
SHA-256:	280C0D9BE17BCE6F9416896A0E6751675D220A3A16309878E26854127034E474
SHA-512:	8F1B5F9E08EA693467C9F5C9E4930FCD6BA3A352F0E36424CF424C130AB8603DC833DF337675BB6555663AFF73A16659DF572E41DF8672F468216DDA20D89B4D
Malicious:	false
Reputation:	low
Preview:	2022/10/07-06:04:29.420 3948 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2022/10/07-06:04:29.429 3948 Recovering log #3.2022/10/07-06:04:29.438 3948 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF3ea41c.TMP (copy)

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.203821418885342
Encrypted:	false
SSDEEP:	6:ja4xOgHN+q2PP2nKuAl9OmbnIFUtqMa4xcdZmwYMa4oVkwOP2nKuAl9OmbjLJ:ja4XovWHAahFUtNa4ad/La4A57HAaSJ
MD5:	2586DA576D254CF766AA7CF2E08F30EB
SHA1:	2B353C8E9D94B22A244D3CD9C96AADA9C9B4CA4A
SHA-256:	280C0D9BE17BCE6F9416896A0E6751675D220A3A16309878E26854127034E474
SHA-512:	8F1B5F9E08EA693467C9F5C9E4930FCD6BA3A352F0E36424CF424C130AB8603DC833DF337675BB6555663AFF73A16659DF572E41DF8672F468216DDA20D89B4D
Malicious:	false
Reputation:	low
Preview:	2022/10/07-06:04:29.420 3948 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2022/10/07-06:04:29.429 3948 Recovering log #3.2022/10/07-06:04:29.438 3948 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	131072
Entropy (8bit):	0.006738561099835664
Encrypted:	false
SSDEEP:	3:ImtVzzNXM1xVlt/XSxdlt4dV1gt/l:IiVzexlKxdX4m1l
MD5:	D4CF1F3A7B99D7068973876B73A1F224
SHA1:	415439B3A600BAA93C50CB1E29E75CCF22B24CD5
SHA-256:	C1F5B396738C5E9346D2C9CDD39ECFB59CAB894EE387E9AD9629AB7F1B34AD06
SHA-512:	5A0AA86402DBE099F487A805EF33AB3B644CA64CC83B1F47437FF24F57F3D2C6E5DBD5F35E4AF3640D2A9F493361A8F71751546620163DF278306FA5E7717D87
Malicious:	false
Reputation:	low
Preview:	VLnk.....?......LhXJ ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-221007130429Z-165.bmp

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
Category:	dropped
Size (bytes):	65110
Entropy (8bit):	0.7160629904685886
Encrypted:	false
SSDEEP:	96:5AKMMZwcCXlMMMZveXN3L8cWWOR0owVjg5M9WWt87EL7b2F7/rhO8bdkhdKXX8Hl:CZagSzEvSjqmXeL8q
MD5:	AD21F54640DC573E8500A0376D54235D
SHA1:	6DC566E6222AF275FF89221533B2C576027E3247
SHA-256:	EABC0FDCD403C56A5572AF621BFB0F6FFA79AFACC36275CD2999C4B623CC60F1
SHA-512:	48C12D2C65CC99776C294A57795DE87C16CE05F0FFADB4E6A123AB087613853EF95C575B981B5D5AB0B5BF3AECDD3CFEAA19810BE28516E2BA009C14D18591C2
Malicious:	false
Reputation:	low
Preview:	BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	SQLite 3.x database, last written using SQLite version 3024000, file counter 15, database pages 15, cookie 0x5, schema 4, UTF-8, version-valid-for 15
Category:	dropped
Size (bytes):	61440
Entropy (8bit):	3.575841012046911
Encrypted:	false
SSDEEP:	384:neh9dTh5tELJ8DAcLKuZsLRGlKhsvXh+vSc:sAeZsLQhUSc
MD5:	14B601F8D614B451BB7D7F00673AC0AF
SHA1:	0760DDEA439F6147A05787B203664C457577571D
SHA-256:	21A0E0216230ECCC7044AB7B7E51CBE7A4509E543A138DFCCAA5700A0DD9599C
SHA-512:	F267FD6034C21F37A50E4A03078CEA06AACDAC88B9E1A4E085084DF49F97A56EFDE26A381F4B51190EB65FE359742F493F2DD0A3DC94F02D33C0DE0B9C231460
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................$.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

Download File

Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	SQLite Rollback Journal
Category:	dropped
Size (bytes):	8720
Entropy (8bit):	3.314194029804177
Encrypted:	false
SSDEEP:	48:7Mt2iomVmBsmom1CCkiomCBszom1Nom1Aiom1RROiom1Com1pom1Q5iomVKiomei:7rCm6rCkf6uhk5CK/Ed49IVXEBodRBke
MD5:	B57D71BD2552DDC398BC93DC575A64D9
SHA1:	7420689B54C641406EFF75E7267DA1162909D2CF
SHA-256:	24819B64B8BA88DBA50FD8D8010027DA3E790D2F1FBE64E96BBC8F0F024AB4B0
SHA-512:	BB37E3E6DEDBE9E25511B92CFBEFB8EF7938F7AB975BA94CC6E61DC20625C134FAA93C33DDA1AD61A7CC72E6A88F4610BDA4287A21A4A75B29145A3EC1B90825
Malicious:	false
Reputation:	low
Preview:	.... .c......3.@..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................W....<.W.L...y.......~........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\Downloads\c430504f-84f6-45ed-b1de-8e6155bdccc0.tmp

Download File

Process:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
File Type:	PDF document, version 1.4
Category:	dropped
Size (bytes):	659456
Entropy (8bit):	7.997062671060365
Encrypted:	true
SSDEEP:	12288:XmMJbn0ZxRrPKLw1D9FcF+YYY9Z/zaLnsN2gpQrkS5bD+OwehUB3nTZ5v4fiWMVx:XPQRrew1ZWF+rY99EsNjQwSFDnjhCdyc
MD5:	F696FB2E7A964CD4E5FE0897BF97A167
SHA1:	DB39CB60C568A8A5D84A2A6A6157F0B8CAE449E5
SHA-256:	217C86F84C41A328AB1E37D28C2B1EC7A187A0523463BC5A1AA00CE477ED9C32
SHA-512:	CC61145ECD22CC7FFAB37A61624BAB9E97AB7135075EE6582EA0FE745DBB6968C704BD04E55BA668683AB963003DE2C0E26336BDBF96A5BD9B7BAC8E670BD30E
Malicious:	false
Reputation:	low
Preview:	%PDF-1.4.%...5 0 obj.<</Length 6 0 R/Filter /FlateDecode>>.stream.x..]I...q.._17.S..k_t.-3.a)L..$.`.@...!B...../....@......D-Y_.V.]5?]../....w...u.....\|A..}...s...q}w..35j._..s.<.. ......./5x.._..=.n.....f_\|.........._z-.7...{..O.....Bv{.~......i.q...1......<......fN..O.Z..@>Dj..Y.N...o6I.~.L.....;......0.om{;.^..qp...KA/.1....g..\...[O....`.......5L...&..=5O...[..u.m.. b..../.9...S...^R..{.!..!.k..4.c-1....p.z........R:d..)...:W.s]f]gZ..qm... ./..k...=..\......8...X.k....O.UJ1....<..}......I7j.OL.oe!>.p....W.t%.n........e.....N.....~..S..o%......v..h-.4\.<.H-..........7,Ur...i...GAz.Q.W._..s......_......>DG...........Z.S2F$.U\R"....}.~.r}0N..../..:-<.....{n......5p{...r.....h..z(..x........z}...'y....._.......Pre.s...I.3)......F.....o:..T0c8..s.a.N.8_l..X.1...).rh...^..Sbb\mH.uN.a...e..6.-...e...$(...1.4f.S..#>.z.Ot1/.D...>.4\|...1......&>&..;w..uw......\|.G.1.....;:.F...)w;..H...P..........c.\|.a..p...7..2.\|..e.'.TV\|.=...grTn..uB.=...O.s

C:\Users\user\Downloads\scriptie.pdf (copy)

Download File

Process:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
File Type:	PDF document, version 1.4
Category:	dropped
Size (bytes):	1314760
Entropy (8bit):	7.978332307377625
Encrypted:	false
SSDEEP:	24576:XPQRrew1ZWF+rY99EsNjQwSFDnjhCdyfMPaI6Gn+2yxedeHZFPhiddq:XYheBF+sEshRs9CzPaI6rdZNhZ
MD5:	6FBE0B93287ABE74BB730499BDAF0DAB
SHA1:	9B45686B02C79FDBD206460656109B3433E346B8
SHA-256:	A7DCC9C071E5C9FDA34659AAA796819AFB44B4AD4918883C75B0E03AAC7FB88C
SHA-512:	4C18CDC2555F03C0E66AF2CDCF99A257E94F23A1DC18FC85C90165227CE5DE4C59F040F32CE0980664E2C508B24C64F00A0489D2ECF1626F4C4674484D764769
Malicious:	false
Reputation:	low
Preview:	%PDF-1.4.%...5 0 obj.<</Length 6 0 R/Filter /FlateDecode>>.stream.x..]I...q.._17.S..k_t.-3.a)L..$.`.@...!B...../....@......D-Y_.V.]5?]../....w...u.....\|A..}...s...q}w..35j._..s.<.. ......./5x.._..=.n.....f_\|.........._z-.7...{..O.....Bv{.~......i.q...1......<......fN..O.Z..@>Dj..Y.N...o6I.~.L.....;......0.om{;.^..qp...KA/.1....g..\...[O....`.......5L...&..=5O...[..u.m.. b..../.9...S...^R..{.!..!.k..4.c-1....p.z........R:d..)...:W.s]f]gZ..qm... ./..k...=..\......8...X.k....O.UJ1....<..}......I7j.OL.oe!>.p....W.t%.n........e.....N.....~..S..o%......v..h-.4\.<.H-..........7,Ur...i...GAz.Q.W._..s......_......>DG...........Z.S2F$.U\R"....}.~.r}0N..../..:-<.....{n......5p{...r.....h..z(..x........z}...'y....._.......Pre.s...I.3)......F.....o:..T0c8..s.a.N.8_l..X.1...).rh...^..Sbb\mH.uN.a...e..6.-...e...$(...1.4f.S..#>.z.Ot1/.D...>.4\|...1......&>&..;w..uw......\|.G.1.....;:.F...)w;..H...P..........c.\|.a..p...7..2.\|..e.'.TV\|.=...grTn..uB.=...O.s

C:\Users\user\Downloads\scriptie.pdf.crdownload

Download File

Process:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
File Type:	PDF document, version 1.4
Category:	dropped
Size (bytes):	1314760
Entropy (8bit):	7.978332307377625
Encrypted:	false
SSDEEP:	24576:XPQRrew1ZWF+rY99EsNjQwSFDnjhCdyfMPaI6Gn+2yxedeHZFPhiddq:XYheBF+sEshRs9CzPaI6rdZNhZ
MD5:	6FBE0B93287ABE74BB730499BDAF0DAB
SHA1:	9B45686B02C79FDBD206460656109B3433E346B8
SHA-256:	A7DCC9C071E5C9FDA34659AAA796819AFB44B4AD4918883C75B0E03AAC7FB88C
SHA-512:	4C18CDC2555F03C0E66AF2CDCF99A257E94F23A1DC18FC85C90165227CE5DE4C59F040F32CE0980664E2C508B24C64F00A0489D2ECF1626F4C4674484D764769
Malicious:	false
Reputation:	low
Preview:	%PDF-1.4.%...5 0 obj.<</Length 6 0 R/Filter /FlateDecode>>.stream.x..]I...q.._17.S..k_t.-3.a)L..$.`.@...!B...../....@......D-Y_.V.]5?]../....w...u.....\|A..}...s...q}w..35j._..s.<.. ......./5x.._..=.n.....f_\|.........._z-.7...{..O.....Bv{.~......i.q...1......<......fN..O.Z..@>Dj..Y.N...o6I.~.L.....;......0.om{;.^..qp...KA/.1....g..\...[O....`.......5L...&..=5O...[..u.m.. b..../.9...S...^R..{.!..!.k..4.c-1....p.z........R:d..)...:W.s]f]gZ..qm... ./..k...=..\......8...X.k....O.UJ1....<..}......I7j.OL.oe!>.p....W.t%.n........e.....N.....~..S..o%......v..h-.4\.<.H-..........7,Ur...i...GAz.Q.W._..s......_......>DG...........Z.S2F$.U\R"....}.~.r}0N..../..:-<.....{n......5p{...r.....h..z(..x........z}...'y....._.......Pre.s...I.3)......F.....o:..T0c8..s.a.N.8_l..X.1...).rh...^..Sbb\mH.uN.a...e..6.-...e...$(...1.4f.S..#>.z.Ot1/.D...>.4\|...1......&>&..;w..uw......\|.G.1.....;:.F...)w;..H...P..........c.\|.a..p...7..2.\|..e.'.TV\|.=...grTn..uB.=...O.s

Total Packets: 179
• 443 (HTTPS)
• 53 (DNS)

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 7, 2022 06:04:03.869537115 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:03.869621038 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:03.869690895 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:03.871491909 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:03.871526957 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:03.872370958 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:03.872435093 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:03.872657061 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:03.873012066 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:03.873078108 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:03.873140097 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:03.874037027 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:03.874078989 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:03.874140978 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:03.874691010 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:03.874722004 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:03.874823093 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:03.874852896 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:03.874943972 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:03.874969959 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.006360054 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.020620108 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.029381037 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.078718901 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.210928917 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.211119890 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.230901003 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.231035948 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.234983921 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.235083103 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.282896042 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.283081055 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.503350973 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.503422976 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.506777048 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.506876945 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.593796015 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.593856096 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.596152067 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.596292019 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.624681950 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.624741077 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.625706911 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.625806093 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.627233028 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.627320051 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.628182888 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.628287077 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.629369020 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.629445076 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.770829916 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.770904064 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.771161079 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.771183968 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.771374941 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.783780098 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.783833027 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.784015894 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.784024954 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.784073114 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.784224033 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.784264088 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.784324884 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.784394979 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.784457922 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.784490108 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.784521103 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.784562111 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.813290119 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.813359022 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.813380957 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.813577890 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.813633919 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.817332029 CEST	49176	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:04.817364931 CEST	443	49176	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:04.825200081 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.825282097 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.825297117 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.825535059 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.825597048 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.842631102 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.842684984 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.842741966 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.842741966 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.842787027 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.842849970 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.842881918 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.842904091 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.842992067 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.843008995 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.843034029 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.843061924 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.871464968 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.871534109 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.871668100 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.871668100 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.871726990 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.871932983 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.871985912 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.872013092 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.872035027 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.872064114 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.872472048 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.872778893 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.933917046 CEST	49173	443	192.168.2.22	142.250.186.45
Oct 7, 2022 06:04:04.933954000 CEST	443	49173	142.250.186.45	192.168.2.22
Oct 7, 2022 06:04:04.946866035 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.946935892 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.946985006 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.947051048 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.947060108 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.947096109 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.947125912 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.947125912 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.947150946 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.947182894 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.947182894 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.947182894 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.947206020 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.949781895 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.949822903 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.949875116 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.949974060 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950004101 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950170994 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950185061 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.950248957 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.950347900 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950375080 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950395107 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950561047 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950572014 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.950603008 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.950701952 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950727940 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.950944901 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.970653057 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.970712900 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.970792055 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.970846891 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.970920086 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.990946054 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:04.991079092 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:04.999192953 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029134035 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029190063 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029330015 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029330015 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029357910 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029433012 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029470921 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029484034 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029544115 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029582024 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029658079 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029695034 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029721022 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029742956 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029769897 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029850960 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029930115 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.029946089 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.029983044 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.030018091 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.030138969 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.030175924 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.030205011 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.231482983 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258158922 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258224964 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258264065 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258284092 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258312941 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258328915 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258347034 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258385897 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258387089 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258387089 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258387089 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258409023 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258440971 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258476019 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258533001 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258533001 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258533001 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258577108 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258588076 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258624077 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258671999 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258677959 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258699894 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.258725882 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258725882 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258725882 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.258764982 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.259011030 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.259023905 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.259057999 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.259099007 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.259120941 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.259150028 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.259150028 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.259171963 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.470891953 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.470993996 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:05.914892912 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:05.915026903 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:06.778898954 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:06.779107094 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.129785061 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.129846096 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.129878998 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.129936934 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.129961967 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.130009890 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.130033970 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.130033970 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.130048990 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.130089998 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.130111933 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.130131960 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.130131960 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.130151987 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.130178928 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.130178928 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.130209923 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.161480904 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.161516905 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.161554098 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.161567926 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.161617994 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.161643982 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.161685944 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.161685944 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.165366888 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.165394068 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.165421009 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.165455103 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.165501118 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.165527105 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.165551901 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.167411089 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.167438030 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.167464018 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.167494059 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.167534113 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.167571068 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.167594910 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.167614937 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.168868065 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.168879986 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.168903112 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.168930054 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.168965101 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.169006109 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.169033051 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.169051886 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.170003891 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.170015097 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.170089006 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.170118093 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.170164108 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.170183897 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.170207024 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.170224905 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.171097040 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.171108961 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.171129942 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.171165943 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.171191931 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.171206951 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.171247005 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.171269894 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.171416998 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.172120094 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.172131062 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.172151089 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.172175884 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.172215939 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.172246933 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.172266006 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.172295094 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.173340082 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.173367023 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.173398018 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.173430920 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.173480988 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.173480988 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.173512936 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.173512936 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.173532009 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.174966097 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.174989939 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.175014973 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.175044060 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.175076008 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.175097942 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.175113916 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.175143003 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.175159931 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.382894993 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.451303959 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.451359987 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.451395035 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.451436043 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.451466084 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.451469898 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.451502085 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.451502085 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.451524019 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.455477953 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.458479881 CEST	49174	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:07.458529949 CEST	443	49174	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:07.814084053 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.814150095 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.814222097 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.815526962 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.815557003 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.872602940 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.873091936 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.873125076 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.874213934 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.875031948 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.875066042 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.875174046 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.875294924 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.875319004 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.919334888 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.919662952 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:07.919749022 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.921873093 CEST	49182	443	192.168.2.22	142.250.184.206
Oct 7, 2022 06:04:07.921895981 CEST	443	49182	142.250.184.206	192.168.2.22
Oct 7, 2022 06:04:16.624842882 CEST	49175	443	192.168.2.22	131.174.9.227
Oct 7, 2022 06:04:16.625050068 CEST	443	49175	131.174.9.227	192.168.2.22
Oct 7, 2022 06:04:16.625155926 CEST	49175	443	192.168.2.22	131.174.9.227

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 7, 2022 06:04:00.713814974 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:01.465662003 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:02.230052948 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:02.783065081 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:02.812289000 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:03.533436060 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:03.562422037 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:03.632298946 CEST	54723	53	192.168.2.22	8.8.8.8
Oct 7, 2022 06:04:03.663525105 CEST	53	54723	8.8.8.8	192.168.2.22
Oct 7, 2022 06:04:03.673327923 CEST	58062	53	192.168.2.22	8.8.8.8
Oct 7, 2022 06:04:03.700850010 CEST	53	58062	8.8.8.8	192.168.2.22
Oct 7, 2022 06:04:03.751293898 CEST	56703	53	192.168.2.22	8.8.8.8
Oct 7, 2022 06:04:03.777504921 CEST	53	56703	8.8.8.8	192.168.2.22
Oct 7, 2022 06:04:04.283510923 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:04.312556028 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:07.362762928 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:07.395746946 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:07.426873922 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:08.102329969 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:08.133326054 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:08.173873901 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:08.852741003 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:08.891340971 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:08.938220024 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:09.688203096 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:10.451472998 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:11.215960026 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:11.662929058 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:12.090630054 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:12.409060001 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:12.847296953 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:13.159725904 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:13.598012924 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:21.553175926 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:22.303095102 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:23.053329945 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:30.775485039 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:31.525418043 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:32.275540113 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:33.270426035 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:34.019983053 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:34.769853115 CEST	137	137	192.168.2.22	192.168.2.255
Oct 7, 2022 06:04:35.128376961 CEST	138	138	192.168.2.22	192.168.2.255
Oct 7, 2022 06:06:04.684025049 CEST	138	138	192.168.2.22	192.168.2.255

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 7, 2022 06:04:03.632298946 CEST	192.168.2.22	8.8.8.8	0x7831	Standard query (0)	www.cs.ru.nl	A (IP address)	IN (0x0001)	false
Oct 7, 2022 06:04:03.673327923 CEST	192.168.2.22	8.8.8.8	0xafea	Standard query (0)	accounts.google.com	A (IP address)	IN (0x0001)	false
Oct 7, 2022 06:04:03.751293898 CEST	192.168.2.22	8.8.8.8	0x995f	Standard query (0)	clients2.google.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 7, 2022 06:04:03.663525105 CEST	8.8.8.8	192.168.2.22	0x7831	No error (0)	www.cs.ru.nl		131.174.9.227	A (IP address)	IN (0x0001)	false
Oct 7, 2022 06:04:03.700850010 CEST	8.8.8.8	192.168.2.22	0xafea	No error (0)	accounts.google.com		142.250.186.45	A (IP address)	IN (0x0001)	false
Oct 7, 2022 06:04:03.777504921 CEST	8.8.8.8	192.168.2.22	0x995f	No error (0)	clients2.google.com	clients.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 7, 2022 06:04:03.777504921 CEST	8.8.8.8	192.168.2.22	0x995f	No error (0)	clients.l.google.com		142.250.184.206	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

accounts.google.com

www.cs.ru.nl

clients2.google.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.22	49173	142.250.186.45	443	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2022-10-07 04:04:04 UTC	0	OUT	POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1 Host: accounts.google.com Connection: keep-alive Content-Length: 1 Origin: https://www.google.com Content-Type: application/x-www-form-urlencoded Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CONSENT=WP.289365
2022-10-07 04:04:04 UTC	0	OUT	Data Raw: 20 Data Ascii:
2022-10-07 04:04:04 UTC	3	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Access-Control-Allow-Origin: https://www.google.com Access-Control-Allow-Credentials: true X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 07 Oct 2022 04:04:04 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport Content-Security-Policy: script-src 'report-sample' 'nonce-3Kbxph4KyP0oKnuplkhNVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist Cross-Origin-Opener-Policy: same-origin Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= Server: ESF X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2022-10-07 04:04:04 UTC	5	IN	Data Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a Data Ascii: 11["gaia.l.a.r",[]]
2022-10-07 04:04:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.22	49174	131.174.9.227	443	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2022-10-07 04:04:04 UTC	0	OUT	GET /~F.vandenBroek/pub/scriptie.pdf HTTP/1.1 Host: www.cs.ru.nl Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2022-10-07 04:04:04 UTC	3	IN	HTTP/1.1 200 OK Date: Fri, 07 Oct 2022 04:04:04 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Tue, 15 Jun 2010 15:32:34 GMT ETag: "140fc8-489135073e880" Accept-Ranges: bytes Content-Length: 1314760 Connection: close Content-Type: application/pdf
2022-10-07 04:04:04 UTC	5	IN	Data Raw: 25 50 44 46 2d 31 2e 34 0a 25 c7 ec 8f a2 0a 35 20 30 20 6f 62 6a 0a 3c 3c 2f 4c 65 6e 67 74 68 20 36 20 30 20 52 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c ed 5d 49 b3 1c c7 71 be bf 5f 31 37 f7 53 f8 b5 6b 5f 74 94 2d 33 82 61 29 4c e2 f9 24 f9 60 0e 40 90 d4 03 21 42 a2 14 fa f7 ce 2f 97 aa ea 1e 40 b8 e8 a6 09 06 03 c8 44 2d 59 5f e7 56 d9 5d 35 3f 5d dc ee 2f 0e ff e9 9f d7 77 0f ff f6 75 bd bc fd d3 83 bb 7c 41 ff bf 7d f8 e9 c1 73 83 8b fe 71 7d 77 f9 d5 33 35 6a 17 5f f7 e0 73 be 3c 7f fb 20 9d fd c5 f7 b2 87 de 2f 35 78 fa d3 5f 9e df 3d fc 6e fb fa f1 c9 ed ae 66 5f 7c db fe ef 91 a6 ca b9 f7 b2 bd a6 bf 06 5f 7a 2d db 37 fc d7 16 7b de de 4f ee cf f3 af af 1f 9f 42 76 7b f5 7e fb 1f e2 ba 18 Data Ascii: %PDF-1.4%5 0 obj<</Length 6 0 R/Filter /FlateDecode>>streamx]Iq_17Sk_t-3a)L$`@!B/@D-Y_V]5?]/wu\|A}sq}w35j_s< /5x_=nf_\|_z-7{OBv{~
2022-10-07 04:04:04 UTC	21	IN	Data Raw: 55 c2 d7 bf f9 32 55 54 28 c9 fe 5c fd d4 ca 06 a3 53 c7 bc 6c ed c4 d8 52 31 4d 94 d4 a9 2c 12 ba a4 d2 71 a1 62 53 87 9b 36 52 a8 d0 a6 81 4f ab 7d a3 43 68 64 eb c6 39 07 5f b0 ea 19 1e bc 7a 59 37 5c 3a 62 1c 4f 84 aa de 7a c1 25 4c 59 54 07 a1 68 2d 97 d5 5f b8 ca f9 50 65 bd f1 3f 70 e7 ac d5 d5 e7 3a 99 9b 14 f0 e8 38 4c 28 4a d2 8b 5f d1 7c 2a 36 9d 0a 13 c4 88 65 03 1f 4a 49 31 6e 4f 58 dd 30 18 8a 30 b7 9b f4 43 d3 73 24 f0 7a f3 b9 5d 05 27 74 75 84 2a 7d 1c 66 52 ed 0d fd 1c 5f d4 8d a2 9a 30 01 22 d4 0d 8c 03 2d cd 35 8a 8a 52 62 f4 57 ea ec 41 9c b6 c8 24 87 9d e0 00 30 01 85 cc 11 66 5c 87 c2 0c 79 8d 70 92 50 6b 5a ac 49 e9 8a 58 cb 80 c7 a9 df cf c9 76 c7 66 20 01 e4 f3 16 60 52 88 ea 10 f5 83 70 fa 1d ae 7e 3a aa 63 0c 55 d0 34 c2 94 55 Data Ascii: U2UT(\SlR1M,qbS6RO}Chd9_zY7\:bOz%LYTh-_Pe?p:8L(J_\|6eJI1nOX00Cs$z]'tu}fR_0"-5RbWA$0f\ypPkZIXvf `Rp~:cU4U
2022-10-07 04:04:04 UTC	37	IN	Data Raw: 3a 12 4e 36 35 ec 2b 41 ae 93 6b 13 4f 46 1d e9 17 66 10 95 2f 31 c9 ae 63 e2 f1 a9 44 1a 3f c3 1e ea f8 f1 e0 83 96 f9 03 c9 f8 65 26 e6 df 1a 94 c2 74 30 aa 17 3d c6 09 45 c0 af a6 2f 9f 90 4c 9f 01 c6 3e 4c 91 6d 95 c7 17 c7 32 db 34 e7 3a 93 31 7e f2 b2 f7 3d e7 64 8c ce 8d b3 ad a5 d0 e5 63 88 bd cf b9 91 a6 c7 18 b4 9e 0c d3 77 88 9a 75 41 42 c5 d0 39 5c 39 2b 04 76 b6 b6 2c 64 3e a8 8d ae 13 f2 f0 06 7c 1b 11 c7 c7 6d 00 6c 01 d2 28 3f 89 bb 5f 4a 05 80 13 be a7 a0 cd 03 e1 c2 12 75 32 0a 84 9c 33 98 be 5c 39 e8 28 42 1b 22 1c 4f cb f7 3e 45 6e 11 b6 7a ea 92 bb ad 0e 6a 72 7c ad e5 ed 92 f8 8f a7 e1 42 cc 61 c4 47 1e 94 1f e7 fd 0f dc a4 ad 0e b3 a4 a3 c2 84 93 0a bf 81 7f 2d 77 4e 97 08 91 26 b8 62 30 63 a7 d3 a5 1b ec 66 fd 6b 7e 96 b1 ab 27 44 Data Ascii: :N65+AkOFf/1cD?e&t0=E/L>Lm24:1~=dcwuAB9\9+v,d>\|ml(?_Ju23\9(B"O>Enzjr\|BaG-wN&b0cfk~'D
2022-10-07 04:04:04 UTC	53	IN	Data Raw: a8 da d8 d5 fa 9d 46 58 c0 98 73 e5 05 91 13 db b2 b4 2a 0f d2 6c 2a b7 fa fb 4c 0e 59 db 2e 06 7c 37 6a aa ed 71 11 be 85 64 7c a6 37 db e0 f9 4a 9f 57 74 49 b9 08 d0 6f 6e b1 96 f3 80 00 73 5e 85 f5 dc 18 31 19 b8 cd 7b 0a 9c c8 71 2a 0c 0a 44 a9 ec c9 68 cd 29 cc 25 81 6e 49 9b 80 57 ac 46 09 51 fa 61 23 59 44 78 e5 dc 43 5a 63 b2 55 56 f3 b4 cb 28 62 0c e0 08 93 3f 1f 35 18 4c 5d 47 7d bb 99 a9 07 ee cc 86 a2 05 dd 6d c0 82 69 d0 32 e3 c8 97 7b aa 8b 10 a0 22 8d 60 e1 95 fb d9 31 1b 20 66 c0 7a da 1d 21 44 5a 5b 6d 2f 4f 90 13 86 a7 5f b0 7c 36 d3 5a 6c 9e 1b 8a b5 01 ba 03 0e e2 8e e5 c8 fb 4d d8 5a d8 f7 97 0c c5 37 ab 21 7f 97 e0 49 ca cd 95 9c 1e 8c af 3d c9 8e 82 33 b3 25 64 7e 09 27 df 87 35 c9 d3 e2 16 e9 3b 86 5f 17 d6 f4 b6 ec 19 3a 2e 08 f0 Data Ascii: FXslLY.\|7jqd\|7JWtIons^1{q*Dh)%nIWFQa#YDxCZcUV(b?5L]G}mi2{"`1 fz!DZ[m/O_\|6ZlMZ7!I=3%d~'5;_:.
2022-10-07 04:04:04 UTC	69	IN	Data Raw: 97 cf 97 2e b0 9d 29 cc 0e a6 dc af 02 74 dd cd 1f c7 da f1 e1 37 f1 14 cc a4 67 3e ef 67 96 97 82 58 52 5e de e8 c1 2e 76 cb db 19 f0 60 54 a4 ed 84 67 4d 47 bd f0 d1 e9 e1 6d 83 57 df 5d 02 d3 60 76 a8 7f 58 f6 42 b3 4b 06 2b 5c 3a 8a 92 87 00 ef 54 62 98 6f 7d 01 3e 1c 09 4b ef 32 bd 0c 68 04 13 6d 2e 4b 01 09 50 7d e6 3c c5 5c 5c 61 5f 56 51 37 51 c1 a8 c6 08 66 1c 9b b4 cf a8 ec 90 b7 44 c9 13 e2 3c eb 26 6e ec e2 a7 c9 1e 08 3d ab eb 42 65 2f 67 bb dc 1f 68 e5 25 3c 6b b2 0e 91 f9 07 9e a2 25 3a a0 62 2c d7 8d 67 91 12 19 e1 51 17 0c 93 d8 e6 6a ab 82 f2 e5 ab ad d6 94 d2 6f b7 39 3a d6 10 f8 52 e7 72 4e 97 0e aa 61 1c 08 66 4a 78 91 fd 1b d2 19 93 76 c3 b6 07 c3 e4 ef bb a2 87 43 1a 19 96 d9 df d7 1f 03 60 e1 22 a1 c0 3f a3 25 e7 3e 83 b6 ff 98 5f Data Ascii: .)t7g>gXR^.v`TgMGmW]`vXBK+\:Tbo}>K2hm.KP}<\\a_VQ7QfD<&n=Be/gh%<k%:b,gQjo9:RrNafJxvC`"?%>_
2022-10-07 04:04:04 UTC	85	IN	Data Raw: 7e 8b 64 59 e2 c1 10 dc ea 7f fb dd 7e d5 e1 fe 99 c2 dd a7 72 5d e6 d3 2c f0 a5 e0 92 26 a3 be 0c 5d 86 8b dc e0 f6 ff da 1d 52 9c cf 1c 33 2f cd 9c b7 5a 2e d5 43 c6 a9 cb ab 9b fb 47 d1 f7 70 a5 b1 ca d8 8f 58 6e 1a bd 80 eb bb 61 fa f3 74 cc 87 51 b4 5e 7f 69 59 dd 6e 8b 7b 6c d7 52 73 a3 ba a2 95 a2 c6 8b 96 da cd 5a 60 4f 81 27 61 43 60 8f f5 d9 33 f5 75 64 81 ef f8 88 f3 0e b7 d9 e8 72 eb 6b f9 de 5d 28 4e f3 ea 5b e0 55 b3 9c 18 70 b9 85 ba 45 6d 75 a3 ee a3 ad 84 7a e8 25 6e 09 6f 6e ae 5d d1 4c 2e c2 0f f5 a7 97 f5 e7 9e 27 b6 46 fa 0e 28 cf 26 07 df 18 a9 13 d5 a9 47 f8 e1 5a df 73 e0 a7 97 3d ca c2 8c 4f dd 3f 4e 02 fc 1b 75 9b b7 db 58 19 2c 92 8c 47 aa fa 99 af 65 3e 28 64 5c 4d 5f 1a 9f 12 30 fc f9 02 19 45 64 b8 58 33 d9 09 e8 6f de 2c 23 Data Ascii: ~dY~r],&]R3/Z.CGpXnatQ^iYn{lRsZ`O'aC`3udrk](N[UpEmuz%non]L.'F(&GZs=O?NuX,Ge>(d\M_0EdX3o,#
2022-10-07 04:04:04 UTC	101	IN	Data Raw: 7f 96 8a a1 fe ef 04 2d d9 91 d1 3d 7c a8 a8 aa 8d 49 b4 ce ad e7 d2 22 45 ad 94 dd cb c0 e1 57 6b 67 5c eb 5d 53 94 58 ed aa 82 bb 6e bc 1e 1d 53 e6 aa 5d 41 67 aa ed dd 84 e0 d7 0f bb 13 5e 62 f5 d1 6b b8 1b c5 eb 39 b2 a1 1c 93 c7 c8 86 f2 81 ad 5a 91 b9 0d a6 b6 d9 ae c3 c7 d0 66 89 d9 f3 59 c3 82 d5 c6 31 36 64 1b 81 fe b2 6a 68 4c 5b b7 db 68 9e c6 6e f7 c2 4b ac 5e 7a 0d 77 e3 f8 61 8f ed 57 0c ce fb ec e8 7c 7d df fe 47 52 a9 f7 82 5b 8a 59 d0 ce 34 2c 81 e9 2b 8e 5c 2d df 53 e2 f0 84 4c 0c 50 de 39 20 6c 98 71 66 61 98 d9 13 52 84 8c 1c 8e ac 10 09 c6 98 d8 6f ca b4 aa cc 11 0f 98 95 97 21 45 ca 94 8f 88 95 dd c1 e4 e7 ac 84 21 33 03 44 8a 7e 75 7d 60 82 9c 9c 8f af 1c 73 54 ec a3 7a c4 1c 39 21 12 54 ba 33 25 c4 42 cc 8c 10 86 28 2b 1d 44 42 36 Data Ascii: -=\|I"EWkg\]SXnS]Ag^bk9ZfY16djhL[hnK^zwaW\|}GR[Y4,+\-SLP9 lqfaRo!E!3D~u}`sTz9!T3%B(+DB6
2022-10-07 04:04:04 UTC	117	IN	Data Raw: 91 68 d1 82 b7 f6 f7 f1 75 b0 95 38 1f 55 3d bd 06 ab db 78 19 74 cb a1 74 44 79 19 65 56 48 85 00 d4 23 ac 64 09 3a fe d4 ca 5f 0a d8 f9 2d d8 62 60 ce ef 14 a0 9e d2 43 00 09 da 65 cb 19 0e 73 d0 9c c5 b8 04 1b 65 90 0a 2d f3 32 f2 1b 7a 2c 61 ce 60 1d 72 3d 6a f0 ab 79 32 3c 37 5f 18 7e 87 43 02 bd 4e fd 67 e4 4e 9e f3 c8 40 c1 dc 0d 20 e7 3a 2e e9 a0 04 78 a9 83 56 83 dc f4 9a 6b 23 ae 82 0a 6e 60 06 40 f4 ab 84 e3 8e 15 58 d1 b0 7b 91 91 f6 2b 12 9d ce 4e 61 ea 06 f3 b0 e8 36 cc a3 07 76 51 dd 46 31 d3 dd 02 d5 08 44 a4 20 60 cb 1d 46 9c d8 34 fb a6 e0 a4 68 09 68 ec ce 61 0a 0f a7 17 18 6f a8 82 29 87 98 be 16 e0 96 fe 04 87 ec 0d 78 c2 72 f3 5b 3e 64 40 b8 eb f9 c7 ce f1 61 0c db 83 bc fb 8c eb 80 2a 07 75 c0 0a 01 38 c2 3e d4 cf 51 5d 35 25 da 38 Data Ascii: hu8U=xttDyeVH#d:_-b`Cese-2z,a`r=jy2<7_~CNgN@ :.xVk#n`@X{+Na6vQF1D `F4hhao)xr[>d@a*u8>Q]5%8
2022-10-07 04:04:04 UTC	133	IN	Data Raw: 5e b3 27 73 99 bc f4 fc 05 6c 0f c1 16 36 3f d7 5f a3 37 d0 77 e1 71 b9 8e 4d a4 8a d4 5c 5f 46 66 e8 36 74 d7 5c 47 30 00 9f cb 68 a9 5f 68 d3 5c 74 6b f5 52 9a f2 4a bd e0 46 28 80 4c ea cf 57 2f 93 77 80 a8 60 41 f9 5c f5 92 42 31 54 2f 2a 59 99 2a c4 9e cd 32 62 e8 4c 99 10 8a 59 12 8f c3 99 93 34 ad 65 f5 3a 90 e1 5f a2 91 46 cb 56 04 c5 fd 76 6e ee 99 1b 90 52 af 11 9f 3c 20 fc 34 29 93 d9 b7 e4 a2 70 c8 d4 e9 63 3e 29 a0 54 a3 58 86 83 03 36 ac 04 8c 69 c4 b2 f4 1d d3 30 c3 13 12 6c 0d 07 52 98 32 90 44 b4 56 9c c2 8c 2f 0b 63 20 a8 69 4b 37 7a d2 96 56 e3 e8 72 f6 87 35 e6 df df b7 97 d4 95 50 e6 c6 cd c9 e2 4c 15 ae 25 8b 93 03 cf 1c 0b ae cc e6 0f d4 e4 53 a6 75 93 7d 3d c5 35 0f 11 f4 bf 20 d1 33 7c 07 30 09 18 51 82 03 9a 55 92 1a 53 21 73 63 Data Ascii: ^'sl6?_7wqM\_Ff6t\G0h_h\tkRJF(LW/w`A\B1T/Y2bLY4e:_FVvnR< 4)pc>)TX6i0lR2DV/c iK7zVr5PL%Su}=5 3\|0QUS!sc
2022-10-07 04:04:04 UTC	149	IN	Data Raw: c4 6e 69 8c 50 96 1b f1 84 74 38 e4 e3 22 5e 49 27 4a e5 dc 5a 3a ca 59 c1 77 07 84 d1 3d ab 87 b9 5e e6 d5 b3 be 51 94 34 6a 8f a2 60 a5 f7 28 39 b7 63 17 2f 19 5e 1e 66 8f 88 1b e5 18 80 4d 02 91 65 a1 9b 1b b5 3b e8 f3 be 05 e6 78 8b dc 4b 91 99 26 e0 99 62 42 98 65 cd d2 ad cc 16 31 70 c7 32 47 d6 7e c2 0c 90 2c cc cb 42 87 9a 9b 01 36 44 da 91 dd 58 1b 61 6e 7e ab 9c 11 9a ea e5 af 76 2d 02 b1 74 d5 58 1f 56 0f 0f 03 f9 ba 87 d6 65 06 f0 1e ba cc 00 fe 8d be cc 00 3e 0a af e1 a3 f4 1e 1e e6 f1 f5 9c db 70 65 72 43 a4 e8 7a af 43 8a b0 7f 77 2c 55 d9 47 e6 35 7c e4 de c3 2a 2f 55 59 90 74 89 91 a9 87 74 49 55 d6 37 bc bc e7 b6 6a 68 94 ab 87 87 79 fc f3 9e 1b 44 8c cf 67 d7 dc 0c f0 5f 15 4f c7 2b 3b 40 ac a4 7b 9d 2e a5 76 5b 99 20 ff c6 11 70 99 60 Data Ascii: niPt8"^I'JZ:Yw=^Q4j`(9c/^fMe;xK&bBe1p2G~,B6DXan~v-tXVe>perCzCw,UG5\|*/UYttIU7jhyDg_O+;@{.v[ p`
2022-10-07 04:04:04 UTC	165	IN	Data Raw: e9 6c 7f 82 be 51 7d 7b 4a 58 a7 06 db 93 0e d6 d1 8a 18 c3 62 2e cd af ed 54 43 49 33 d1 41 25 6a d3 f4 c4 07 61 b1 7d fc 24 52 8f 62 25 dd 01 81 0d 32 11 c4 26 51 5f 4c 4b 21 f4 7e 1b 58 3c 3c 3e 0c dd f6 15 86 6f 9b 19 d6 4d 4e 16 42 1e 9a 6c 6b 12 a2 00 a1 11 11 97 6f 19 38 1c f6 54 0c c1 d2 39 d7 10 44 c8 bc c2 35 16 27 8e 28 37 ad 6e 92 b3 a3 25 11 08 92 f5 2c 44 2c 5c 85 ec 24 e1 e2 f1 28 a7 77 06 5d 3b 60 53 cf a1 7b bc 67 08 09 d7 6a f2 50 5c 7c 34 28 5d 25 f8 a8 05 ba db 03 6d ba d0 89 ff 5f 77 5f d2 6b 59 8e 9c 07 78 99 06 fc 1b de 32 cb 50 65 1f ce a4 77 36 60 0b 30 60 5b ee 2e af 5a 5a b4 b2 d5 dd 05 bf 6c c9 ad 12 f4 f7 7d be 81 c3 7d f7 96 64 03 f2 c6 48 24 32 19 97 e4 e1 10 0c c6 c4 88 ae 69 0c cb aa 49 c3 86 3b ad 91 15 ae af 38 7a f1 b8 Data Ascii: lQ}{JXb.TCI3A%ja}$Rb%2&Q_LK!~X<<>oMNBlko8T9D5'(7n%,D,\$(w];`S{gjP\\|4(]%m_w_kYx2Pew6`0`[.ZZl}}dH$2iI;8z
2022-10-07 04:04:04 UTC	181	IN	Data Raw: 0a 77 a2 77 ee d2 03 2c 85 58 1e b4 d3 98 21 75 6c 5e 0e b8 f5 a8 66 f5 1e 95 ed 51 53 05 0e ec 6a 77 9a a8 cc 4a 38 4b 16 1e 81 b0 6e 2d 0c 14 ba e4 21 a6 32 b5 df d8 ef d0 96 ed 4f 87 d2 58 62 e3 c1 4d a1 94 c2 92 26 22 ea ae 2a 05 4e 43 4c 6d 78 18 7a c1 57 06 f7 1b 76 b8 52 39 32 e0 5b 4e 02 00 72 2c 05 bc 23 cc c8 78 1a d5 d1 b1 3e 75 98 01 33 b2 75 59 60 1c c2 62 27 55 6c b4 1e be 8f 53 a3 f5 32 78 55 17 1d c5 19 d3 da f2 40 44 51 67 5d 21 30 88 0e dc f7 37 ac b4 13 c3 b4 d4 a8 07 78 60 f8 ea 3e c0 9c d9 96 1b c4 62 80 97 c5 df 4a 60 da 6d 2f 20 61 b0 77 55 4d db 4d 20 01 de 89 9a f6 b2 40 4d 77 df 20 de 2e fb 90 86 14 5e af d8 4b ae de 1f 94 aa 0f 08 bc 64 fa 9e e7 ea 39 1f 3f 90 e3 e6 a3 9d e3 07 6c 5b 1b 36 1b c2 9a 78 20 a1 1f 3e f0 38 a1 73 a0 Data Ascii: ww,X!ul^fQSjwJ8Kn-!2OXbM&"*NCLmxzWvR92[Nr,#x>u3uY`b'UlS2xU@DQg]!07x`>bJ`m/ awUMM @Mw .^Kd9?l[6x >8s
2022-10-07 04:04:04 UTC	197	IN	Data Raw: cb 09 70 3d 71 3b af 13 e8 ce c6 06 d0 fe 71 c5 4f 82 ce 14 8f d8 d8 f2 8d 57 a9 ad 09 c5 18 46 af d0 32 59 fc e2 21 31 36 c3 0a 47 6f 3f 7f 9c d3 7c fd cd cf a9 d0 cb c6 a2 1f f8 f0 e9 81 fa 08 69 d2 d5 ea 54 a9 cf 31 42 57 42 97 dd 70 bd 32 51 dd 07 f7 b1 72 92 c5 4c 74 3e b4 2c e4 7f d2 cb 7b 3c 8c c7 40 14 9f 0b 2c 8a ab 2d 6f 35 2f 6a bb e0 a1 b6 77 b3 eb cb a7 fd ab b8 70 0e 94 cd 4f d2 c3 4d fe 3d bd ee 1b ee 7e c3 0e 7a 13 ab 17 f5 ee f8 1e 5e c5 4e 16 02 77 fa 38 39 3c 8e 76 78 49 50 e6 d2 47 9a d4 4f f9 c0 d2 47 f5 9d 19 79 2a 8c d0 8d 3b ff 21 bb 83 90 1f 44 ad 29 e8 70 ee e0 3c 20 39 fa 0c dc 64 6f 19 8f 06 0b d3 61 2c 44 0c 46 5a e7 cb 19 05 e6 db c0 c8 9b 78 48 e1 a5 12 d6 26 17 37 b4 f7 8a 4b a2 a7 ed f1 62 15 01 85 31 03 ae 56 5b bd 76 ab Data Ascii: p=q;qOWF2Y!16Go?\|iT1BWBp2QrLt>,{<@,-o5/jwpOM=~z^Nw89<vxIPGOGy*;!D)p< 9doa,DFZxH&7Kb1V[v
2022-10-07 04:04:04 UTC	213	IN	Data Raw: 61 c3 58 a9 d6 8f b6 89 c6 b7 dc 15 38 3a ef d9 b4 d9 f4 8e b6 23 c9 d3 89 07 a5 6d c0 45 36 fe 82 e3 dc 4d 2e 8c 97 05 85 5d 24 e8 09 f2 93 e0 0c 05 0c 84 6a 6b 24 1a 85 7f 76 08 be 4e 9a 3c cd f7 82 c5 32 77 39 e9 61 52 d7 90 a6 bf d2 f3 a0 b3 60 75 6d 16 44 a6 1d fa 98 7f 72 8f 07 6e a8 0b 56 e4 6a 5b 24 34 31 16 ec e9 53 b5 4a 61 d1 ca 8e c7 d6 a1 e2 c0 b2 1c b0 2b b3 cd 85 f1 2b b4 24 61 b4 15 25 09 1f 6d e1 e8 27 33 b2 10 39 0e 13 09 f2 40 4b 74 8c 53 82 60 c2 0c 11 57 71 42 f3 e0 a8 ed 9f 1d 3d 5c 05 f6 26 f7 67 38 e3 89 82 6d 83 6c 7e 3f d4 af e3 12 46 02 17 98 a4 81 a7 5b 85 12 5c 7a 9c 6e 3c c3 80 85 28 37 06 ce 26 51 a4 db 79 49 10 4f 4d fb ca d1 66 22 5c a7 ac 39 06 42 92 6b 3a 86 3d 63 9e 4a d1 3e 9f 4c 89 86 b5 ef f7 0c 65 d8 25 42 50 8b 45 Data Ascii: aX8:#mE6M.]$jk$vN<2w9aR`umDrnVj[$41SJa++$a%m'39@KtS`WqB=\&g8ml~?F[\zn<(7&QyIOMf"\9Bk:=cJ>Le%BPE
2022-10-07 04:04:04 UTC	229	IN	Data Raw: aa e1 a6 f1 06 5b d2 bb 33 07 46 e7 ba f3 fb 1e 2f f5 f7 3a cb 1b 01 d4 27 68 c0 08 b4 41 5d 2c ac 61 9f 3c ee 02 ea 02 93 9b d5 49 14 2c 7d 30 bb b1 2b 55 e0 ea e6 ce f8 8d db 21 36 a2 38 2b c5 d6 fb 89 c1 66 2a e2 22 7e 60 3f 91 64 be 03 cc 3e 2a 6d f6 72 9e a6 00 06 32 d0 a8 35 4b 21 f2 de ff 32 1c 6c 18 6b d8 bf 47 9e eb ed cf a3 97 34 ed 06 62 14 39 6c 7f d2 6f b4 2d 70 8d c9 c2 28 5d d3 fa da 1e f4 5c f5 63 75 b2 2f 98 f7 45 5d d2 9f 36 81 52 42 9b 83 a9 a6 36 8b b3 c4 ec 82 59 c3 ec a4 dd c6 ec c3 49 c5 ea 62 a3 f2 3a 08 d2 db 81 81 d8 d5 f5 6e f7 5f 17 a6 b6 69 a1 fa a6 24 e2 f7 98 ce 3d c7 81 61 ca 15 a8 44 5f 65 04 8c 4d 36 95 95 2f a2 de 15 39 ec 06 26 6b 2a e1 ac 06 05 a2 12 9a b9 2e dd 83 8b 6e 0b 44 79 67 3d 36 0b b8 fd 7d 40 05 ce 96 0e 9d Data Ascii: [3F/:'hA],a<I,}0+U!68+f"~`?d>mr25K!2lkG4b9lo-p(]\cu/E]6RB6YIb:n_i$=aD_eM6/9&k*.nDyg=6}@
2022-10-07 04:04:04 UTC	245	IN	Data Raw: d3 c3 74 5a 98 f8 e2 77 86 62 ff 9b 8b 5d 24 65 0c 93 e4 7c 19 a1 4c a3 79 ab 16 9c ac ef b3 48 41 38 1b 2f b2 55 11 55 24 40 ed 85 7a 2b 64 e6 12 c0 a5 de b7 e1 da 44 ab 2a dd 28 7d c2 aa 13 c4 71 fb 1d 94 f0 ad cf 0a 2a 59 b1 ad 4e a9 2d 58 ec 21 6d cb 5c 94 54 bb 4d 4b 09 4b 39 66 fc 12 74 fc 12 d2 ea bb 20 15 00 9c ef 69 b8 03 b7 50 ba 64 3c 12 df ea b8 05 e6 98 bc dd 87 fa cd c4 08 27 b4 e8 e3 5e df 8f 0a 78 27 36 2c 8e 32 e6 c8 8a a6 a2 26 02 fc be 94 2b 92 f8 a7 09 3b fa 96 b9 e7 9d 6a 44 60 ee 90 b8 f7 cd 92 a6 3c 40 3f 2d cd 02 ab 73 8f 80 8c a9 45 76 04 4f 11 bf c1 68 60 2a ab d3 f4 fc 4c dd d4 12 1f e3 24 60 20 41 b9 fe b6 4d d2 ee bc ee e8 e7 91 f9 8a 38 1d 58 25 bb 07 66 62 37 88 ec f4 49 a8 7d a1 0b 72 f4 a1 06 76 41 c7 1b 73 2c d7 99 25 6a Data Ascii: tZwb]$e\|LyHA8/UU$@z+dD(}qYN-X!m\TMKK9ft iPd<'^x'6,2&+;jD`<@?-sEvOh`*L$` AM8X%fb7I}rvAs,%j
2022-10-07 04:04:04 UTC	261	IN	Data Raw: 4d f2 88 d7 28 d2 20 42 cf 7c 95 c5 5f bb 74 7a 31 46 59 94 e0 3a 74 95 03 4d 5a 34 7c af 22 82 bd 50 5f 80 08 89 d8 3e 77 7d 5d 61 f3 e1 26 ce 30 c6 2c f7 50 b8 e0 62 40 6e 7f 32 c2 15 63 f7 00 7f f2 3e 9b 63 bf 89 33 8c a9 c8 3d 01 41 5d 58 c7 e4 0c da c6 90 a8 d9 c2 95 97 9d 66 6f 03 f2 fb 55 8e 2b 2c d8 0c c5 bb 5c 65 bb de 10 b0 45 b4 50 3c d0 50 7d 4e 0f 34 e4 4a a7 2a df 20 98 e0 0c 57 e4 b7 c6 a7 6c 56 79 15 b1 0c 75 05 2a b1 42 16 7b 65 9c a1 ad a3 97 27 bf 08 53 cc 91 71 86 d1 02 97 64 01 9b 28 57 e9 6b 3c ce 70 41 8c 43 73 c7 85 be d2 44 60 b1 dd 1d bc c1 18 8f 5e 9d 96 e1 02 83 71 f9 9d 17 15 2a 97 9e c6 7f ce 6b ac b2 d0 95 c6 51 23 a5 a5 cb 9f 58 16 fa b2 d9 9d 77 f8 ba 35 e7 d0 a8 20 8f a9 9e 84 5d 2f bb 5b d7 86 c0 3b 1b 2d 4c 67 d1 ea a2 Data Ascii: M( B\|_tz1FY:tMZ4\|"P_>w}]a&0,Pb@n2c>c3=A]XfoU+,\eEP<P}N4J* WlVyuB{e'Sqd(Wk<pACsD`^qkQ#Xw5 ]/[;-Lg
2022-10-07 04:04:04 UTC	277	IN	Data Raw: 70 cb 97 75 7a 03 30 aa 20 57 32 a2 2d 98 a6 7b 97 8b fb d7 2e 48 a0 c7 f5 54 1c 43 d6 c2 cf a0 d8 ab e6 ef 22 18 f2 b8 6f e0 b2 3b 8a fc 57 68 f7 a9 87 f6 5e 9e c9 bd f3 8e b9 6a 54 29 2e 69 35 b6 85 6c 1e b2 a3 2f e2 82 e0 0b be 2f c0 40 94 c8 fc f6 45 5a 23 fa 15 3b c0 ee e0 f2 10 55 9e 26 a5 e0 b1 26 ab b4 9b f0 54 ed d2 d4 e6 95 e0 be 4b 43 97 69 19 c4 b0 59 e4 9b 07 da c3 d9 33 40 18 b2 72 3a 6a 58 d2 70 35 09 cf f1 e1 e1 35 d3 b7 10 b3 7f d1 47 ae 31 0f 39 fc 1d 4b 62 36 f5 55 2e f2 fc da 90 c6 63 83 63 52 ba 96 be 51 3b 57 a4 03 b2 73 d4 15 09 c9 fd 92 a5 b1 0f 4a 41 ae 90 20 0b e4 ea 7e 6a 92 14 34 45 be b7 45 ca 51 e6 8f b5 85 eb 0a 5a 86 c3 75 57 b4 65 f5 e4 1f 95 e1 29 bc 8f a7 03 3b 95 89 30 56 b9 45 da e4 0e 08 33 85 5a 0b ad 2c 3a 83 3e 10 Data Ascii: puz0 W2-{.HTC"o;Wh^jT).i5l//@EZ#;U&&TKCiY3@r:jXp55G19Kb6U.ccRQ;WsJA ~j4EEQZuWe);0VE3Z,:>
2022-10-07 04:04:04 UTC	293	IN	Data Raw: c0 45 92 95 a7 e8 08 5c c4 51 2f bb eb 6f 91 d4 f2 ad c5 76 0a 0f 28 a4 e9 41 e4 bc 00 dd 55 f2 68 f1 8d 14 1d 81 51 e5 e4 38 02 6b 21 90 7c 1c 81 ad 7d 1c 81 4f 0f 1e c3 f4 0d c7 11 18 df 80 67 2a fc 78 65 08 74 15 56 37 5f 0c 71 85 f6 99 84 43 2a b2 52 db 1b fa 60 c1 0a 7e a3 2f 2b e2 61 a3 e8 cc 61 6e a3 74 4c df d6 e2 78 02 5f 90 86 24 40 e6 63 6b 10 f3 c1 2d 9a f9 ff 78 02 e3 1d d1 13 58 c7 51 87 7b fe 16 71 bb 9c 39 b6 7d 66 06 91 e2 c3 e5 ed bc a1 d1 fb d1 be 11 f0 cd 51 88 22 f6 76 06 59 3b ca 14 d8 34 d0 3e 8e c0 a1 07 e2 2f ed 05 ea a4 1b 3f 00 2f de 33 04 78 f9 9e 21 5a fb 4c c2 21 9c a6 bd c1 d0 c0 4f 1c 3c d9 10 0c 93 36 44 c3 f4 7d 2d b0 7b 46 05 26 66 33 37 7a 87 a8 49 f4 93 15 18 d6 1d 32 51 1b 07 10 75 70 ed 68 76 96 68 10 59 25 e5 06 36 Data Ascii: E\Q/ov(AUhQ8k!\|}OgxetV7_qCR`~/+aantLx_$@ck-xXQ{q9}fQ"vY;4>/?/3x!ZL!O<6D}-{F&f37zI2QuphvhY%6
2022-10-07 04:04:04 UTC	309	IN	Data Raw: 5f 60 e0 88 ce 77 5c d0 63 83 e3 14 15 f0 83 46 13 e1 8c a8 f2 87 3e 47 ac 01 10 30 97 2c 6d dd ce 65 42 9e 36 08 d6 32 54 3e a1 94 ce f5 0d c2 15 26 83 b0 eb 96 83 c7 42 78 f2 08 91 83 2e 8c ae 83 28 88 91 f4 9d 7d 51 cc da 08 69 19 e9 6a 51 02 0b a2 7b fd e8 ac 1e 5d 14 17 54 4f 86 a0 09 4f 31 6a 9c 49 05 1f 10 5b 98 ac f3 98 33 23 ca 76 76 be db 8a 91 8e a9 9e 87 9b 39 b8 38 88 1a b4 1b 8e 41 a6 5a a3 85 3d 55 13 72 5c 08 d2 80 93 4a 2c b2 05 bd 14 22 59 8d 95 0d 60 6a 43 4b e8 29 bd 5e 8d 31 75 f7 1b c9 d1 24 3b 61 f1 ba 8a 54 6d 84 24 9b 60 c5 33 ad 93 c3 02 f5 2d 6d 84 20 52 96 c3 ce 12 a3 0d a6 b9 a8 8a a8 cb 62 8c d9 74 f1 0d dd 2a 26 04 d8 4d 37 85 82 a6 65 74 72 19 72 86 10 4e 49 ba 00 3a bc 81 e1 46 45 93 7e 06 67 d9 94 ae dc 01 07 6b eb 94 d6 Data Ascii: _`w\cF>G0,meB62T>&Bx.(}QijQ{]TOO1jI[3#vv98AZ=Ur\J,"Y`jCK)^1u$;aTm$`3-m Rbt*&M7etrrNI:FE~gk
2022-10-07 04:04:04 UTC	325	IN	Data Raw: 63 8d 63 c5 22 33 a5 ef 23 88 7f e6 11 d9 05 ec 75 86 a5 4e 34 23 55 53 85 b4 18 a2 76 30 7c 3d cb 6c 9f 43 0a 07 63 85 ec 93 d8 36 ba ee 3e 71 3d 0e df ec 7c b5 c9 ba 05 95 d5 30 75 60 23 b5 a4 12 66 c6 b3 82 38 31 09 ff c2 12 ef 39 9d 12 88 43 57 8d 4c 62 36 70 4a 3a 42 8d 78 55 4a 29 44 68 7b 31 8e 3b 22 e3 0c 9c 16 fc 3e 44 3b 5c da 98 78 92 47 a4 d8 aa c6 84 13 21 71 e8 2b 03 b6 ad 60 97 db c1 cf 0d d1 4b e1 84 ee de 5f 9b 0e 01 d2 df 37 21 78 a1 45 46 63 4a 1f e5 e8 38 18 52 cf 2c a5 95 f2 d0 1b e2 e9 df 11 66 c1 b2 67 e6 72 15 53 31 66 89 e3 5a 8c 0d e7 b5 3d c8 96 4a e1 c6 b6 a1 35 53 89 e6 61 53 dd 9c 59 f3 66 64 e6 ef 19 eb 2a 51 0f 23 b3 75 d2 9b ec 26 64 9e 56 c3 94 cc 4c f6 ba 99 d1 44 22 71 b0 f0 76 03 93 2e c9 83 89 51 9a 84 f5 3a 6e c7 1c Data Ascii: cc"3#uN4#USv0\|=lCc6>q=\|0u`#f819CWLb6pJ:BxUJ)Dh{1;">D;\xG!q+`K_7!xEFcJ8R,fgrS1fZ=J5SaSYfd*Q#u&dVLD"qv.Q:n
2022-10-07 04:04:05 UTC	341	IN	Data Raw: 16 26 f8 f3 54 22 54 e7 cf b3 84 30 2a 06 3d 99 d8 27 18 f4 64 88 54 b0 df f5 e8 09 98 60 d0 8b 8e bf 53 a2 8a 9b 8a 41 af 26 21 2a 18 f4 52 5c ac 18 f4 5a 71 11 c4 f8 54 7f 92 60 67 d0 81 39 0c 1a d9 46 0f 83 5e b8 b2 76 18 f4 6a d2 19 83 41 23 f7 d1 61 d0 f4 f8 1d f6 bb 9e 10 10 c4 a0 6d 6d 8e ab c4 cc ba 9e 22 06 3d 56 24 c4 16 83 b6 98 d1 8b 3f 0f e5 2c 17 7f 16 78 f1 e7 c0 88 3f 0f e5 7d 71 fe 3c d6 67 7b e1 cf 33 2b 2f b5 f8 f3 6c 62 64 5a 9c 7c 91 f6 5e bd cb f3 20 ab c4 52 ea 28 67 d0 cb 93 9c 8a 41 83 d2 17 83 3e cb 8e 0c fa db c2 d4 64 96 17 06 bd c6 fd 5a 0a da 6c 37 83 5e 2d 58 8c 18 f4 2a a1 1b 4c 4d ce ad 1b 20 63 db 2b 83 9e e3 ff 63 ed cd 71 24 eb 71 68 61 bf 57 51 f6 33 0a 9a 87 75 d4 12 0a e8 e7 64 3a ff fe 8d ff f2 9c 43 4a 91 11 dd f8 Data Ascii: &T"T0='dT`SA&!R\ZqT`g9F^vjA#amm"=V$?,x?}q<g{3+/lbdZ\|^ R(gA>dZl7^-X*LM c+cq$qhaWQ3ud:CJ
2022-10-07 04:04:05 UTC	357	IN	Data Raw: 19 44 60 b0 94 a3 06 29 19 a2 89 50 32 78 1f a4 63 88 2e 06 a5 5f e7 e2 af 66 e7 5c a7 6c 76 8a 5f 8f c8 a2 72 71 51 39 ab db 9b 5f e8 ea dc cd e1 a0 b4 b8 5a 77 73 4a e2 59 b2 d8 cb 80 63 5c 8e e1 f5 3d 6a d0 f5 3e 9a 08 05 40 74 42 1a 82 e8 a4 1f b0 3e 8c 73 04 db 74 ae bb 44 ea d2 63 a8 86 04 cb f5 ab 0d 0b 46 dc fa e9 85 f9 a4 cd 79 7a 19 70 8c e3 60 38 52 af 21 28 a1 36 0e a9 d4 89 a0 a5 3a 19 b4 7e 9d 0d 70 73 98 79 4b 37 0d d3 a7 83 89 1d 6d 26 cf eb 13 c2 35 ba 07 b1 49 71 aa 11 a0 d0 c5 c2 30 d9 a7 f3 74 d4 c2 78 e8 94 74 9a a2 c4 90 02 c4 97 d2 e8 af ea aa 8e 2c 3e f7 b6 36 bd 90 b6 35 36 6d 9f 21 23 6c 92 a3 77 49 09 64 c9 16 ec a5 68 e5 94 7d c3 52 e9 1e cc 19 69 9b ba 75 fd c4 1c f6 e6 5f 7d c0 b8 4a 17 7d 59 52 e9 d6 c1 de f2 80 44 38 ff ae Data Ascii: D`)P2xc._f\lv_rqQ9_ZwsJYc\=j>@tB>stDcFyzp`8R!(6:~psyK7m&5Iq0txt,>656m!#lwIdh}Riu_}J}YRD8
2022-10-07 04:04:05 UTC	373	IN	Data Raw: 22 7a f6 36 1a 3d 5f 1a a3 e5 24 cc 04 4b 25 1c 97 fb 93 e1 ef a4 24 00 ce 7b 58 6b e4 21 3f 62 0d e5 64 e1 f6 45 38 fc f8 a0 e0 f9 b4 d3 8f cc 2f 79 a3 ec f6 c5 05 e2 2e 41 41 37 d1 8a 33 ac 26 dd 3c da f0 42 d2 2d 8f f6 45 6c c5 2e 15 90 dd 13 02 d3 d6 4f fb e2 c4 9d db 17 17 88 ec 8b 73 6d 69 60 44 39 4a 68 ec 74 f9 da 56 03 23 dd ab 9c 5d 27 7a 26 f5 45 13 10 f0 fe d3 ca ea da f6 bc af cc d0 c6 ad 43 c8 2e e9 b6 9b a3 be d8 e6 4c a5 94 64 0d b9 91 d1 be 08 f4 fb 18 1b f7 9f 43 dc be 48 2f ae 36 18 19 c9 52 7a f9 c8 4e 8b 8a bc af d8 26 f0 83 8c ce 6e 1b 85 0e e7 41 4d 57 c3 c9 a5 98 a7 70 a9 e1 5c 2a 51 14 6a ed d9 ed 55 64 0d 7d a3 b7 08 f5 fa 70 6d 0b ae d7 df e9 b3 e5 98 90 dc da 93 d6 b8 d1 a1 b1 67 0a 3a b4 2f a2 5c 9f a6 79 31 c8 f3 ce 4d 8c 93 Data Ascii: "z6=_$K%${Xk!?bdE8/y.AA73&<B-El.Osmi`D9JhtV#]'z&EC.LdCH/6RzN&nAMWp\*QjUd}pmg:/\y1M
2022-10-07 04:04:05 UTC	389	IN	Data Raw: dc cf 8a 7c a3 b7 31 1b 5e 7a b0 c7 dc 66 d7 6e ce bb f9 7b 8e bf 5c 93 f0 01 27 77 04 56 bc 10 1b df ca 25 0b 63 5d af 57 19 5b 68 fb 55 32 b6 ae e8 7f fd cd 57 ff f5 f8 f7 ff 03 4a 0e 2c 3e 65 6e 64 73 74 72 65 61 6d 0a 65 6e 64 6f 62 6a 0a 32 33 31 20 30 20 6f 62 6a 0a 37 35 32 31 32 0a 65 6e 64 6f 62 6a 0a 32 33 35 20 30 20 6f 62 6a 0a 3c 3c 2f 4c 65 6e 67 74 68 20 32 33 36 20 30 20 52 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c bd 5c 49 73 1c c7 95 8e f0 91 8e f0 71 ce 38 56 3b 88 72 ee 8b 27 7c 90 3d b6 c3 bb 2d c2 31 07 59 07 8a 00 c8 1e 75 13 14 d1 9a 31 fc eb fd 5e 2e 55 2f b7 42 03 e4 28 10 0a 15 ab b3 72 79 f9 96 ef 2d 99 df 5d b0 99 5f 30 fc 4b ff 7f 73 7c f1 b3 2f ed c5 db fb 17 ec e2 b7 f0 Data Ascii: \|1^zfn{\'wV%c]W[hU2WJ,>endstreamendobj231 0 obj75212endobj235 0 obj<</Length 236 0 R/Filter /FlateDecode>>streamx\Isq8V;r'\|=-1Yu1^.U/B(ry-]_0Ks\|/
2022-10-07 04:04:05 UTC	405	IN	Data Raw: 98 64 6e 0c ed 73 56 c1 d4 a9 10 64 f6 ae a8 ee c8 ac 2c 98 13 ee 77 8d 58 c3 f9 b6 b1 62 7c e6 c3 49 d4 c6 67 5e 66 12 8c 87 6c 9b 93 52 46 46 13 75 c2 6d 4c 05 81 ca 0b 9e 72 04 23 21 f6 b3 64 43 32 65 cb a9 62 0a 95 5d 05 b4 23 40 b6 b4 2c d1 60 73 7d 67 8b ea 32 17 ad 5d 1c 5c db 55 ee ca ff 6d 30 d2 2a 66 a4 c4 c1 07 10 4d d9 12 33 d9 88 1a 9c 0c a4 f1 87 a0 95 ef dc f0 fc 77 dd 7a b2 f6 2c 97 b7 e5 f0 c5 7b ab 53 e1 6f d9 b2 a6 e1 83 89 f0 d8 8c cc c4 b6 78 60 eb de 60 0c ec d3 41 e0 30 b1 3f 87 4a 9a 4e 03 36 d2 8d 1f f8 c5 ab 8c 7c 4f 9b 42 d8 fe ea e9 82 60 fb 62 b8 4b 40 25 c4 03 d8 b6 2f 2e 61 ba 88 4b e4 23 a4 ae 71 89 5c ae bc e5 b1 47 01 7a 32 9b 70 0c 43 40 be 38 30 41 93 7a 74 0e cd 54 10 d4 54 a3 58 ef 66 95 9d 3e 34 1e b4 67 8d 8c 21 e5 Data Ascii: dnsVd,wXb\|Ig^flRFFumLr#!dC2eb]#@,`s}g2]\Um0*fM3wz,{Sox``A0?JN6\|OB`bK@%/.aK#q\Gz2pC@80AztTTXf>4g!
2022-10-07 04:04:05 UTC	421	IN	Data Raw: 82 ef 5d e0 3a 49 17 c7 e1 7b cc 91 78 f8 1e b3 36 de 7c 0f 8b 61 ad e0 7b 98 a6 71 f8 1e e6 05 4b d4 f9 1e e6 65 8d bb 84 c4 fd c1 31 54 d7 4c 2e 1f 84 f2 59 8a f1 c1 30 66 f5 60 7c 2f 7c 8e 8c 6f d3 b4 de b6 5e ce e0 7d 8e 69 93 8e c6 78 df 9f ef 08 ae 38 fa f3 db 63 f7 76 25 51 3e f6 1c f1 cc 03 c3 85 ac f3 b9 ca 06 a0 95 6b c1 cd 26 fd 64 2c c9 49 d7 ce 53 62 4b e5 93 b8 9f 57 8e c7 a2 a9 50 3f 6a 12 99 16 d7 a0 4a b6 15 da 28 ac ad a3 54 01 dd 0e 86 8c 1a a6 35 3c 46 fc c9 7f 49 57 46 ce 4d 4b 1b 69 26 b2 4c 6b 16 1f f2 f8 a8 06 bb 85 4b 9e 87 5d c3 8b 0e 15 94 71 8e 81 12 a3 50 6d cb 5c 57 78 c3 9f 64 5a 0c a4 91 ba 2e 21 4e b8 2e 8d 28 9d 9f 0e dc 13 35 a2 17 46 2f c3 bd eb b4 4d 58 33 66 cb eb 2f a0 8a d9 94 b5 a8 a6 fa 34 74 60 6b d1 4d a9 37 ce Data Ascii: ]:I{x6\|a{qKe1TL.Y0f`\|/\|o^}ix8cv%Q>k&d,ISbKWP?jJ(T5<FIWFMKi&LkK]qPm\WxdZ.!N.(5F/MX3f/4t`kM7
2022-10-07 04:04:05 UTC	437	IN	Data Raw: 2f 49 e3 3b fc 2b c0 a2 1b cf b8 d4 b4 6e cc 51 30 df 70 f2 3d e7 18 4b 06 fe 75 2a b0 01 b7 d3 02 03 8b a2 bc ba 00 53 f2 d3 43 46 8c 3e 63 f0 98 d2 70 34 c8 77 81 45 a9 58 df 33 94 ca dd c0 c8 3a 9a 76 b8 9d 40 d0 56 07 1d 3c 23 08 8c c6 e8 15 38 0d bc 89 43 25 ef 83 93 51 5d 74 2a bf ce c3 6f cd cc 59 d6 7f 59 45 da d7 b2 1e 25 8e 73 fa 04 35 31 89 c5 78 05 70 f1 e0 81 06 47 67 38 50 2c 5d 30 b0 68 03 3e 03 13 a6 c0 95 f0 d4 90 99 bf 2b da c8 25 fc 8c d4 8b 44 9b f4 e8 65 82 30 74 c6 41 58 d3 39 ef 12 0c 11 7d 6a 68 99 e2 ce 69 83 fd 3d bd a0 0f ea e9 a5 c3 67 1c 81 d1 48 bd 06 a7 84 b7 71 68 e5 bd 70 6a 7a 2f 9d da af f3 c1 dd b3 67 5c 7d 0b fd 48 57 26 53 2d f2 e5 3f 65 3e 31 fc 0a 18 5d d3 18 e2 d6 8e 4d 63 be 07 f3 e7 c2 44 3d a6 2f 9e f3 5b 0c ed Data Ascii: /I;+nQ0p=KuSCF>cp4wEX3:v@V<#8C%Q]toYYE%s51xpGg8P,]0h>+%De0tAX9}jhi=gHqhpjz/g\}HW&S-?e>1]McD=/[
2022-10-07 04:04:05 UTC	453	IN	Data Raw: c5 12 88 22 32 0c cd 1d c1 88 74 f4 c8 ab b5 cb 2a 5e d9 01 af 8c 97 92 90 ac 60 d9 e0 28 89 a8 56 c7 ae 6a 4c 8a 85 ca 22 60 04 c0 b1 48 63 4c c3 4d 95 1b a2 ef 4d 9a b5 12 6d 12 38 0e 31 52 2c b6 7a e0 03 bf c8 fe 45 5a db 3a 59 6b 3e 5c 10 34 ce c3 8a 30 ee e5 c0 7f 3f be 5e 3f dc 31 5f 44 f3 ab aa 2e 8f b0 ba 0f a7 f0 61 77 3c 96 5a 8d f6 f5 b1 25 2d 4c bb ea 38 2f d2 be 45 fd e8 f1 ea f0 09 42 ea 51 d9 c8 f9 b2 b9 5a 2b f2 37 9b 55 6d b2 cf b7 77 61 9d 18 0a dd 0c 1c 82 93 44 a7 cb 9a e7 19 2b 61 3e 25 06 d3 2e 00 37 98 c9 94 8c e9 aa 1e d4 02 fb 2c 91 46 7b f0 c0 01 01 69 6b 21 5b 46 4f 87 ab 0d e6 b4 4c aa 38 82 1f 64 bd ce 6a ca ea 56 4d f5 0c f9 96 02 65 d4 ea 15 0d b4 02 da 80 81 5f a9 d1 65 9e 5f ea b9 c7 1d 28 20 5a c9 6a 7d 8e c5 67 b2 73 60 Data Ascii: "2t*^`(VjL"`HcLMMm81R,zEZ:Yk>\40?^?1_D.aw<Z%-L8/EBQZ+7UmwaD+a>%.7,F{ik![FOL8djVMe_e_( Zj}gs`
2022-10-07 04:04:05 UTC	469	IN	Data Raw: a2 1c ec 38 77 ce e8 67 c8 1b 44 c1 b4 37 e9 02 8e 51 b9 c6 ed c6 33 a5 54 b9 a1 39 77 aa c8 da f9 e6 86 66 82 94 7c 7d 79 99 f0 24 4a 8b 51 bf 2a 74 9a cc 9a 5f 52 02 76 95 45 68 ca d1 e5 49 76 96 55 8d 67 5d 2a c1 3b 87 a7 8e 08 8f 77 d0 59 d6 e5 83 f0 12 a6 ca 4a 81 37 dd 1f 93 d7 68 dc 59 b3 f4 55 5b b9 d1 47 83 eb ae 2b 53 e3 ec a3 d4 18 7c 55 e8 d7 19 fa 5d 10 c7 46 28 c6 94 bc f5 61 f5 1a fc ee 6f 0c d0 0c 77 55 c7 91 d3 59 c7 49 bb 10 de 5a 35 df 04 ae 31 22 bb cd 67 19 8e c2 ac 14 3e 9a 47 84 96 a6 c2 5f 9e 99 24 fe 08 d4 58 59 d2 64 c6 ef ca fc 6a b0 21 9d 37 bf 2e 04 cc 21 a6 bc 90 51 ed c2 82 d6 d3 2f 2d 9a a1 b4 5a 04 29 63 9e 72 8f 84 b1 d8 2a 19 9f 79 93 04 2e 4d 99 5e 43 e5 53 63 b4 85 6c d1 99 de 97 6c af 7a d5 e9 77 b5 43 0f 0a 29 99 ba Data Ascii: 8wgD7Q3T9wf\|}y$JQt_RvEhIvUg];wYJ7hYU[G+S\|U]F(aowUYIZ51"g>G_$XYdj!7.!Q/-Z)cr*y.M^CScllzwC)
2022-10-07 04:04:05 UTC	485	IN	Data Raw: cb cf bf fc 89 0d 95 58 bf fc dd 8f 71 be 8e 3a db 97 7f be 4a ff d1 2a 4f 73 8e d1 1e 1a e2 97 e9 b5 e7 f9 50 fb 6f 0f 79 de 2e 52 fd cb e7 45 7e c3 e6 fb 8c 37 5d bf e2 cf de 43 d5 9f c0 fe c3 37 7a 75 b7 fe f3 1f 2e e0 f7 a2 d0 fa f3 97 7f 38 53 f5 cb 27 f4 1f 65 7e f9 e5 e7 f7 4f 3f cf ed ee db dd da ff f3 63 b2 be a7 f8 b8 28 4e 01 f4 be a6 38 d4 50 79 6d 63 2c ac 2d af 5c c6 5a bc b6 38 cf b2 62 d1 7f 7e 9c 2c db 91 23 d7 fe 8d c1 7d b6 42 58 cf bb 16 d1 da 38 f7 f8 af 96 6e 32 e2 ef 1c 4a 6e e9 cb cf 18 58 6d 79 0d 31 da 2e 5c cb e9 54 8c cd e1 dd ff 55 5c 4b a9 96 cc 51 68 8e fa 2c cd 16 e8 aa ee 35 1b c9 7f 7e ff ad 41 f5 35 06 27 16 2a fd 85 65 4a 7e 1a 05 f0 69 71 90 bf 74 96 d4 7c 13 81 c7 7c dc 64 56 f9 da 5e df db 68 ac 31 7e f9 9f 6e 1e f6 Data Ascii: Xq:JOsPoy.RE~7]C7zu.8S'e~O?c(N8Pymc,-\Z8b~,#}BX8n2JnXmy1.\TU\KQh,5~A5'eJ~iqt\|\|dV^h1~n
2022-10-07 04:04:05 UTC	501	IN	Data Raw: 3b 14 e4 36 44 da a9 4c 0e 99 1c 64 06 71 a1 20 da f5 93 d8 db 6a 58 fb 25 1d 18 d4 4f 3b 73 14 4b 84 7d ad b1 44 2d 6f 05 70 8d e9 43 f5 68 d1 0c 6a 17 bd b7 85 1d 1b 4d d9 53 24 46 d5 96 53 d8 30 c2 92 6c 58 5d e9 7c 4b 25 b7 f6 60 9b 82 68 2a ee 5a bf 37 49 62 0d 2d c5 d2 b4 cf 29 ff 70 9b 01 bd ae 1b 10 19 72 bd 7e 9e 9e 92 16 39 74 16 ac 08 50 df 4f f4 cb 20 19 c5 d2 47 cf 56 40 86 b5 8f 5b 03 a7 ad 40 f5 0a 69 9e 12 b7 8b 63 0a 1e 13 b4 2d 85 b7 51 3e 43 78 18 e3 f9 e6 09 63 1e fb 07 84 c5 4e ac be a4 28 76 c4 84 ce 06 0f e5 e8 e2 ad 82 90 94 30 de 4c 2b 28 e1 8f 6f 41 36 a6 b0 6f 02 14 45 47 7a b7 5c 9c 6e 84 6f f3 f3 cd 85 49 8a 9f a6 2f c5 f4 b9 a1 5b 09 f6 b2 42 60 c2 19 ec 41 3e 87 05 7d 81 5b d0 dc 18 81 26 36 3c 4f 54 0f 98 74 c6 76 f8 10 26 Data Ascii: ;6DLdq jX%O;sK}D-opChjMS$FS0lX]\|K%`h*Z7Ib-)pr~9tPO GV@[@ic-Q>CxcN(v0L+(oA6oEGz\noI/[B`A>}[&6<OTtv&
2022-10-07 04:04:05 UTC	517	IN	Data Raw: 0c 71 e6 9f 10 12 12 a5 90 e6 ee 56 22 65 25 1d 0e 0c 4d 4a 71 ad ec 6e c4 cc c5 80 8b 12 86 a9 92 49 74 86 ac b6 14 d2 fe 82 54 e2 6f 06 76 3d 35 16 53 14 e0 cc c9 b2 79 8b 9e cb d5 de a2 7c 16 9e e3 bd e8 de db 75 ec 77 bd cb c9 93 02 3b c4 e2 33 0c ba 10 03 1b cf d1 6a ea 83 d7 d3 52 cc 13 1b 05 1f eb f8 85 f6 d0 17 b1 f5 54 d9 87 1c 1b 6e 48 d1 55 63 4c 32 2a 05 4f 5f 98 f0 36 11 70 4e 5c 99 63 ac 0b 98 5c 0f 7a 09 14 ea 6f 5b ef 8c a7 54 8a 47 9c 0b 48 85 6c f4 9b 4b 2f d6 77 d1 6e 18 ac 4e 4d 3c 5f f6 00 76 3e 5b a6 ed 34 5f 32 5e 1a 76 e7 83 e1 d8 9c b7 b6 69 f5 17 e6 db 52 34 d7 97 1a 92 74 54 77 5c 4f b0 0e 2c 35 0c ee 97 04 5c 95 86 bc b0 c1 46 19 41 7f a2 78 56 27 20 72 d0 f7 06 9a 52 82 7b 17 6d f3 bd ce 41 b8 20 03 ab d3 c5 47 17 3a 8b 4c bd Data Ascii: qV"e%MJqnItTov=5Sy\|uw;3jRTnHUcL2*O_6pN\c\zo[TGHlK/wnNM<_v>[4_2^viR4tTw\O,5\FAxV' rR{mA G:L
2022-10-07 04:04:05 UTC	533	IN	Data Raw: 5c 3b d2 69 33 37 6f d2 2e 23 15 b0 49 41 cc 95 18 84 0e 78 be 8a 16 81 b7 fb 3d 43 c8 90 12 02 7a 10 5b 59 dd 4b c8 ba 9c 0b 0d c7 79 8b 54 6e 96 92 b9 d1 ed f8 d9 5d c7 83 f0 72 f7 51 78 9f b1 84 38 f6 dd 55 5d 5d 67 5a bc 37 43 6f e2 54 e3 ba cb b4 2b b7 13 b8 07 1f 12 3c 81 c3 e5 7b 85 c6 6c ca 22 ce 37 cf 39 c2 96 ec a7 d7 fb 90 9b 64 7a ad ab 06 ec 1b 78 8f 7c e1 75 d3 79 79 a6 90 ec 2f 1e 68 90 f0 ca 00 91 7d 4b 28 5c 61 eb 84 1b 9b b7 a9 e5 fe c1 5a a5 4c c9 b4 e2 3f 8e 94 c8 57 c8 b2 ca 6e 70 86 e3 5c b4 b8 c0 95 90 a0 3c 80 9d 38 fa e8 9b af b2 92 a3 8c 39 70 d7 47 8d e7 41 d5 96 a8 c2 e6 73 69 e8 12 51 1f 99 fa 9d 41 75 55 b5 f8 3c 38 dc 09 46 28 a7 9c 9d 2a 1c c8 e6 3c 32 55 0d 83 de 07 e8 63 e9 a0 89 3f ca 5b 87 79 93 f9 2f 50 d9 fb ae 5d 14 Data Ascii: \;i37o.#IAx=Cz[YKyTn]rQx8U]]gZ7CoT+<{l"79dzx\|uyy/h}K(\aZL?Wnp\<89pGAsiQAuU<8F(*<2Uc?[y/P]
2022-10-07 04:04:05 UTC	549	IN	Data Raw: 76 1f d0 3f 65 47 db 94 4b 41 aa 1f d7 18 91 3a b7 ed 49 a8 ac 3b 35 ad c2 aa 91 a4 b1 c4 3d 48 18 ba 9a 23 7a 8a ec 66 4e 7e 69 79 4a 42 6c 75 52 32 07 c3 1b 6d c1 e1 05 57 65 77 5b 7a 00 d8 26 ae 14 b7 7d 1d 9f 21 5c 59 5e 45 eb f6 0a 28 5c ed a6 f8 de 84 bc 6e c8 ee ac ba 3b c5 03 e0 f8 c6 21 ec fd 6c 77 8f 67 f5 64 36 bf 5b 33 8f 00 ff c6 46 ec b9 40 79 38 bc 1d 90 dd fb d4 d1 f3 0c 89 8d f1 5a f6 57 4f 90 36 9f 21 99 57 94 51 96 ee d3 f4 ef 46 1e 20 8b 19 9c d4 c6 32 5c 83 d2 46 5f 6e 3d 9d 12 61 39 d7 55 a3 22 e0 f5 04 38 66 fd 0b 2f 0f 4f 6f 5c b0 59 46 92 1b 11 72 07 5c e5 a0 84 a3 0a e0 79 49 fb ee f9 77 b1 06 0a ff ee 85 87 eb e3 2a 37 bf 92 0a 72 e0 a5 67 a9 19 9f 20 1b bf fe d5 33 84 eb f4 fa b4 72 94 51 13 03 dd 5b 3e ab 48 11 95 80 08 f7 dd Data Ascii: v?eGKA:I;5=H#zfN~iyJBluR2mWew[z&}!\Y^E(\n;!lwgd6[3F@y8ZWO6!WQF 2\F_n=a9U"8f/Oo\YFr\yIw*7rg 3rQ[>H
2022-10-07 04:04:05 UTC	565	IN	Data Raw: c8 d4 2e 9c 21 05 f0 c6 a0 19 6a 5c 96 58 ea 7e 65 09 81 fa 9a a0 21 11 38 06 27 a8 9c eb d6 06 36 6e e7 ba b5 48 81 a3 82 bd f3 e8 0b df 7a 30 f7 4a 23 4e b9 3a ed b8 fb d9 55 0c ab 91 c8 45 01 6a ca 51 5e f3 b3 20 48 9d b8 5b b8 10 23 c2 3e 3a 67 bc 06 e7 1a ea 5d 99 0b 20 33 c5 d6 12 92 3e 8c 2d 46 8b 62 15 57 0d 6d 94 90 77 93 4c 51 8a 5e 59 93 03 c2 5e 60 09 10 ba 74 6d c6 fd 98 9c 4b 7e fe e7 e5 c3 fd c8 ec 15 df b3 6c 41 b5 4c 36 f2 4d 6c 01 42 e5 05 ee 58 2c 70 80 4c 00 3f 4c 2c 76 37 28 3d 40 ba 07 66 2a 89 e7 ac 63 d9 78 8e 1d bc 74 24 da 3a 21 8d 09 12 8c ea ed b1 eb e0 5d 3b e4 f8 88 f8 bf 00 84 ff 1c 62 0d 5d 7c df e8 00 3a 20 89 0e a0 09 71 4e 47 a0 f4 2c c3 fc 22 0f 35 2b 33 e5 2c 02 d5 31 5b 35 f8 86 83 a4 3f b3 ec fb 32 b9 b0 86 eb be b9 Data Ascii: .!j\X~e!8'6nHz0J#N:UEjQ^ H[#>:g] 3>-FbWmwLQ^Y^`tmK~lAL6MlBX,pL?L,v7(=@f*cxt$:!];b]\|: qNG,"5+3,1[5?2
2022-10-07 04:04:05 UTC	581	IN	Data Raw: 85 71 dd 15 42 6b 2a 84 91 9f b7 be ba 3b 17 99 b3 d5 00 19 d3 95 ee 0a c2 c5 7e bd e6 b7 31 a4 e9 79 c6 a9 ef 45 de e3 52 ad cf 13 92 e4 40 d2 55 7d 4e 93 cc d4 26 be 30 61 67 56 43 1e e7 3c c3 b9 12 49 ac d8 69 47 20 52 a3 96 65 f2 51 a6 97 65 f3 5d e2 3d d5 b8 14 25 c3 83 06 18 91 41 7d e6 ea 86 45 10 9e 32 54 7d 6c 47 29 78 fb 0e b8 e0 59 c2 ad 74 5d a0 49 91 e5 a6 c8 25 19 5f 57 67 f4 4a e9 44 20 f0 ed d3 8b 09 8f 31 a4 a8 90 fa 41 8d 2e 48 12 94 ca 94 70 20 14 e3 a5 68 7f 85 2e 66 2d 34 84 e3 a5 48 e6 2c 77 c8 ba 8b 6a d1 48 83 16 5b 57 74 58 88 47 39 0f 79 5c 36 a4 d2 38 d6 9b 4f 0a 36 61 9f 9d e2 a9 ca 70 6d ba 8a 49 87 2f dc 89 61 4b 1b d8 82 bb 0c 52 f0 ad b4 55 e3 ea d2 fc 6c 8f 5a 96 f3 c5 7b 68 f8 a0 f0 92 43 86 df ae 58 8e 80 26 01 96 41 6d Data Ascii: qBk*;~1yER@U}N&0agVC<IiG ReQe]=%A}E2T}lG)xYt]I%_WgJD 1A.Hp h.f-4H,wjH[WtXG9y\68O6apmI/aKRUlZ{hCX&Am
2022-10-07 04:04:05 UTC	597	IN	Data Raw: 08 03 fe bd e3 e8 74 e0 48 d4 08 02 c7 1a e0 eb 2a b8 8f 98 c4 e9 dd dd 07 b0 62 b7 da b3 01 38 da d8 8d 9e 85 e1 81 b3 d5 64 b6 51 bc e3 8f 3e 61 c5 5d 2f ee 3d d5 a2 12 e7 ca 69 d9 89 a6 b2 fb f4 8d ab 86 79 32 ab 06 8a fd 8f 7e 1d 5a 48 0a d8 88 73 ac 95 d8 85 3d c2 d9 a7 53 f3 b7 a8 c7 45 4b e9 90 cd d8 1f fc 86 80 34 e5 c5 64 b2 d8 5a 72 2b c4 85 9f c5 f9 91 cb 26 87 cc c3 18 0b a5 9f e1 03 35 10 2b c5 cb 58 aa 46 6d 33 6a d0 03 cb da b7 33 d3 96 aa 40 f6 4b be b8 13 b1 f9 aa 3d d2 33 09 d3 d7 c6 a4 c3 d1 ef b2 5f 80 c6 ea a5 82 0c b2 0f 40 e9 1d 4d 4e 56 1f 93 42 2d 9c d6 e8 07 47 8d 77 3b 41 35 69 d2 d3 dd 2f cf e9 c1 79 45 11 58 e8 c4 b4 57 a0 33 18 9a 84 ab 63 db 94 56 52 76 e7 2f 4f 51 99 a8 8e 22 94 04 c6 b8 c9 ad bc 7c 48 d0 21 e6 ca 85 1a 6a Data Ascii: tH*b8dQ>a]/=iy2~ZHs=SEK4dZr+&5+XFm3j3@K=3_@MNVB-Gw;A5i/yEXW3cVRv/OQ"\|H!j
2022-10-07 04:04:05 UTC	613	IN	Data Raw: 81 55 b9 78 c9 00 4f 35 b0 5b f9 51 d9 72 f4 83 16 f6 4a f6 55 6c 1b 6b fc 15 b6 1c 84 c8 75 23 fb 68 c9 8a 1d 7e ac 53 30 cb 27 07 98 b7 ae 9d b4 df 0c d2 8e 14 63 20 2e de 53 e8 af ba 11 8c 27 2f 7e aa 32 4b c4 3e c1 7f f3 03 19 b7 be 33 ed db 05 47 9b 65 96 98 69 bb 39 ef bd 0f 9b c6 83 b7 fc 1f 26 ed 46 ab 2e e7 b7 92 4f 6e 37 79 10 7d 73 ff 56 ec af 7c dc 5d 1c d6 dc 65 c9 c9 4e eb e2 68 77 3c be 1b e7 03 fc 29 07 65 c2 fa cb cf 93 76 f9 83 22 bd 6b 41 51 a5 1b a7 ab 39 e3 a6 ee c4 b9 b9 a7 df a0 4a eb fb fd c9 73 f9 79 df a5 d7 9a ef 6d 21 7f 2b 9d 96 7c 58 7c ff 28 0d 43 ba 6b 4c ae 02 c0 ba f3 37 f3 3c 03 49 57 92 33 bf e6 7e 7e 41 95 b0 c5 5e 45 97 ca 72 d1 fc 49 66 d7 a5 bb 13 f1 cf 47 ea 50 dd f6 8b b1 ab 32 97 55 ff 5d 4c e1 6c fe ae 2a 67 d2 Data Ascii: UxO5[QrJUlku#h~S0'c .S'/~2K>3Gei9&F.On7y}sV\|]eNhw<)ev"kAQ9Jsym!+\|X\|(CkL7<IW3~~A^ErIfGP2U]Ll*g
2022-10-07 04:04:05 UTC	629	IN	Data Raw: e7 e1 b0 ad 0f 42 e8 55 a4 d4 3e c1 e3 25 bc c5 19 bb 58 d8 29 6b 43 ac 06 a1 af 33 5c f4 01 f9 1a a7 5a 9c 2f 82 73 36 05 f6 47 2e ed 46 9d 94 24 9f fd 5f fc 6a a8 38 0f ce 86 4c 49 c8 b3 86 0c 3e 0d 09 ae 05 c2 29 7c 28 f1 1e e7 82 b5 5a 74 9e 8e bc 79 0d ab ff da 6e d4 d1 cb 25 f4 35 c7 af 84 8a 89 77 8d 33 21 44 fa 9a 2e 1e 88 17 c8 81 f8 51 cb b0 11 4b 0e 3d 5a 3b ab c3 9f 3c 9d 89 ff ff 88 8a 89 a7 18 7e 63 5c fc dd 0c 65 61 ca 08 19 70 1e 1c cf c4 7b fe 24 cf 40 5c 09 93 2f 89 6a f7 45 33 ae c3 d9 44 b7 80 6c 13 94 f4 e9 d7 c1 c4 a4 7b 2f c9 c2 f0 0a a6 a4 eb 4b dc 92 cd 05 9d 85 7a dc 0e 9b 21 87 56 0c 91 84 c4 94 af 8e bf f6 a7 c8 1d e7 4a 03 44 4e 73 99 9d fc be 11 20 f8 aa 60 86 c0 eb e6 1c 1e 80 38 f6 fa 0f 90 c0 be fe d4 4a 92 fd 4d 90 23 3d Data Ascii: BU>%X)kC3\Z/s6G.F$_j8LI>)\|(Ztyn%5w3!D.QK=Z;<~c\eap{$@\/jE3Dl{/Kz!VJDNs `8JM#=
2022-10-07 04:04:05 UTC	645	IN	Data Raw: f7 ba a2 b9 d5 7f d6 f0 1b 80 82 98 52 a2 30 fa e4 43 b3 30 74 da 44 0d 72 ea 44 1b e1 f6 09 22 68 a8 06 8d 12 25 d1 8b 10 36 de cd 28 50 5c 78 8d 8d 47 ab 7e e7 a2 53 e0 5c 17 81 b7 41 e0 92 b4 9b 84 1e 43 c6 81 69 45 31 8b b1 94 1c b3 96 9b 3b ea 5f 31 eb ab 52 62 8f 60 82 d8 b2 6d d1 9b d8 38 2f eb 21 6f 23 64 91 51 5f b3 f8 97 ac ae 8c 4b e5 52 08 26 9a fd 69 64 58 4c 1c b3 2a 59 5c b1 3b cc c8 07 e0 8b 23 13 ee 7b a0 58 ae 75 86 9b d4 f6 47 c8 18 c0 89 5b c7 06 26 ee 8e 02 46 de 54 d4 47 e3 d6 fb d0 25 fb 95 0f 2d db b5 77 ca 4d 5a 71 b5 6a 87 c6 37 a7 b3 dd a3 9f 35 60 7c c1 fc 67 ab 84 04 27 53 34 62 84 b8 75 1e ce a7 e2 ae e0 6e 6b 3e e3 31 f4 49 aa ba f1 a9 28 1a a4 55 9f 46 8e e9 07 c3 93 b2 de 57 c6 51 22 7a 62 87 d3 99 30 eb e4 e5 44 83 67 22 Data Ascii: R0C0tDrD"h%6(P\xG~S\ACiE1;_1Rb`m8/!o#dQ_KR&idXL*Y\;#{XuG[&FTG%-wMZqj75`\|g'S4bunk>1I(UFWQ"zb0Dg"
2022-10-07 04:04:05 UTC	661	IN	Data Raw: 78 10 c9 40 54 68 67 98 d6 64 3f b4 c3 9d d2 33 86 41 2e c6 26 57 40 3f 28 ff 1a cd 3d 82 e2 c3 51 b6 02 5d c6 49 73 5e f3 4d 3b a3 e9 64 13 9d 19 7d d0 cf 53 d9 83 4e 75 a3 ed f0 a9 e3 c1 c0 d4 a9 34 cb 3a 48 34 bd 4b d0 cf 8c ce e2 4d 34 4d 19 3e 4a 45 37 95 a5 3c 48 a4 29 cb 87 d3 b3 8f 3f cf aa 93 f2 13 f9 36 53 99 ff da 58 76 b3 fa dd c2 ff 48 c6 e4 08 58 19 1a cd 6d c9 d9 32 44 16 9e ba ac c3 b7 c7 1c f5 38 5d ab 7d 55 88 b7 ff be 3e 30 31 b9 88 a4 4a bc 53 6d 57 9e 12 5e f7 72 0c d2 a5 98 fe b1 01 da 4a 65 da 1e b8 1e ce 74 51 cf df 45 99 83 59 c6 98 2e e5 3f aa ca d2 a5 e0 e4 e1 50 c8 fa b4 28 b5 8a f0 cb 61 98 6c ca db 88 af 67 ae 0a c5 86 b1 89 52 d9 42 3e 70 97 c4 cc f6 d7 cf 50 a4 2b 8a df 53 d4 fc 47 35 81 74 1c f0 16 c6 fc 0f c6 0d 55 4e 27 Data Ascii: x@Thgd?3A.&W@?(=Q]Is^M;d}SNu4:H4KM4M>JE7<H)?6SXvHXm2D8]}U>01JSmW^rJetQEY.?P(algRB>pP+SG5tUN'
2022-10-07 04:04:05 UTC	677	IN	Data Raw: 3c 11 a2 f4 4a 67 07 c5 a4 88 6b ea 25 b7 41 7f 9c c0 42 5e dc 55 05 fa 3b 05 86 ac 6f 87 05 b5 0a af 67 d0 df 57 80 bc 5f fb 93 bd ad 80 08 a6 ca 5d 20 6d d1 e2 ad a6 f5 9e 20 0c d1 7f 40 6f 56 0f 3a f6 ab 67 41 70 7e e7 65 4f e3 8f f5 1f 57 59 dd d0 dd 4f e7 6f fc 09 08 40 51 ae 6e 9a 71 47 6c 34 3a f5 f7 2a 92 a9 38 a3 af f1 59 86 27 0b 0f 3b de e6 f8 0d 12 4b 08 79 b2 96 8d 09 b2 3d 83 53 65 2f ea 27 bb b6 f6 f4 5c af 85 41 70 9d de 8f fd d4 8b 94 cf 56 b6 f2 35 f2 39 bc 5a e6 97 b2 9c d1 e5 bb 23 7e b2 43 c7 a7 e4 9c 8b 8a 2b 7f be f8 17 25 87 03 3d 65 6e 64 73 74 72 65 61 6d 0a 65 6e 64 6f 62 6a 0a 32 38 36 20 30 20 6f 62 6a 0a 34 36 35 39 0a 65 6e 64 6f 62 6a 0a 32 39 30 20 30 20 6f 62 6a 0a 3c 3c 2f 4c 65 6e 67 74 68 20 32 39 31 20 30 20 52 2f 46 Data Ascii: <Jgk%AB^U;ogW_] m @oV:gAp~eOWYOo@QnqGl4:*8Y';Ky=Se/'\ApV59Z#~C+%=endstreamendobj286 0 obj4659endobj290 0 obj<</Length 291 0 R/F
2022-10-07 04:04:05 UTC	693	IN	Data Raw: 01 ca 89 81 7e 28 11 1e 83 5b 97 39 27 2b 7a e2 08 32 26 a0 c0 dd 5b 9f 9d 0d 14 ad d9 fc 54 8a 41 73 04 ae 14 05 c1 ed 54 7b 39 d5 3e 47 bb 8a 7d 1f 56 39 64 0a 0a d3 f1 e1 88 e7 c6 4a f1 76 2a 32 af 0e 3b 3d e4 2e ca 67 af f2 b9 15 4e e4 d9 cb 51 3b 4b 26 46 f5 21 a4 0e 21 e4 d0 b0 e0 c8 80 48 b4 e4 bf 4a 34 31 64 a5 79 18 ff 71 b2 8a ff c7 e9 9e 35 38 47 6a dc 4c cf dd 1c 47 08 8d 97 71 bf 82 5b c3 05 03 2e 3c 55 8c f1 0d ba 23 f5 6b c3 72 4f 10 98 8c d2 2f 1c 37 40 ee 49 25 9a 6d d2 c3 f7 c4 23 e3 d0 9e bc 27 5b 4f 9e 31 21 bb 56 42 4f 14 d6 fc 8e a2 7b 07 a5 71 5c 7f 18 2c 86 4b 1d d1 26 67 3d d0 34 b3 8b 36 ec e0 6c cd 44 3b 0d a4 b6 15 13 58 a0 95 ec ef 53 d1 0f 19 78 d1 80 4d c6 0f 89 f3 63 9f 4d 3f df 96 a2 b1 19 1e 90 63 a2 d8 c7 43 2d e9 8c 0c Data Ascii: ~([9'+z2&[TAsT{9>G}V9dJv*2;=.gNQ;K&F!!HJ41dyq58GjLGq[.<U#krO/7@I%m#'[O1!VBO{q\,K&g=46lD;XSxMcM?cC-
2022-10-07 04:04:05 UTC	709	IN	Data Raw: a2 98 6c 93 67 69 84 c9 4a 7b d0 d6 cd 48 3a 36 06 4d 5b 37 d5 2c 9f bd 6b 1c 44 d3 cb 1a f9 d7 8f 0d d9 d4 49 97 c6 fa 0a d9 44 f6 5a af 10 cd d5 f7 cb ec 69 46 e1 e6 ff b1 a5 a3 00 ec 31 4f 3b 53 5f 21 2e 1c 6d 48 33 73 24 3c 82 79 ea 52 38 52 3c d7 c7 96 8d 18 5e 77 d9 e9 06 cd db e5 b7 0d 9d 7e 0c 19 3b ca b4 e1 cd 58 34 fc 02 9e 20 d6 82 e2 44 75 db 0c d9 88 56 3e f5 91 65 f2 1a 59 93 23 d9 e8 28 9b 6c b4 21 7b a8 5d 71 9e 6f 20 d4 d9 7f 1f 95 5e 00 2e 19 29 fe 94 98 4c 8b a1 54 bc a9 49 46 8a 79 b5 c9 4b b7 8f 96 cb 46 a2 11 e9 c1 73 58 fc 80 f4 ea bb 6c d1 86 b9 1e 5f 4c e8 17 5d 32 62 b0 29 2f 88 2e 19 31 74 54 02 be c5 e0 d9 c4 4b 30 7a 5a 18 67 3c 9d 8d f4 88 a7 6b a3 9a c3 bc c5 d3 9d 00 c5 d3 19 24 e2 e9 50 2e 47 3c 5d 1b ee b0 ee f1 74 6d d0 Data Ascii: lgiJ{H:6M[7,kDIDZiF1O;S_!.mH3s$<yR8R<^w~;X4 DuV>eY#(l!{]qo ^.)LTIFyKFsXl_L]2b)/.1tTK0zZg<k$P.G<]tm
2022-10-07 04:04:05 UTC	725	IN	Data Raw: 8f c9 8b 2f 5c 1c 36 b5 8e c7 e4 6d bd 8e c7 e4 b9 5e c7 0d 10 ae d7 f1 08 bc ad d7 09 88 eb 75 3c 26 cf 75 2c 1e 93 e7 7a 1d 8b c9 db 6a 1d 8f c9 73 b5 8e c7 e4 b9 d2 c6 63 f2 b6 5a c7 63 f2 e2 0b 8b c9 8b 2e 2d 26 6f ab 75 6a dc 67 a4 d7 f1 88 3b d3 eb 44 31 f4 3a 1b 22 bd 8e 87 e4 b9 5e c7 43 f2 b6 5e c7 43 f2 5c af e3 21 79 ce 7d 3d 24 6f f3 67 0f c9 8b 2f 2c 24 cf f4 3a 1e 92 b7 f5 3a 1e 92 e7 7a 9d bd 0e 15 f5 f6 b0 2c bf 76 08 db d6 eb 78 44 9e eb 75 2c 22 cf d5 3a 1e 91 b7 d5 3a 1e 91 e7 6a 1d 8f c8 f3 e3 d6 83 f2 f6 81 ec 71 79 fb 0b 85 e6 99 5a c7 43 f3 b6 5a c7 43 f3 5c ad e3 a1 79 ae d6 f1 d0 bc ad d7 79 1a d7 43 68 5e d3 1b ac 3f 4f 88 1c d9 18 9a 87 05 30 8f d0 bc a6 58 93 af 1d 9a 87 11 b7 23 34 cf a5 45 0f cd db d2 a2 07 e2 6d 3e 15 90 e0 Data Ascii: /\6m^u<&u,zjscZc.-&oujg;D1:"^C^C\!y}=$og/,$::z,vxDu,"::jqyZCZC\yyCh^?O0X#4Em>
2022-10-07 04:04:05 UTC	741	IN	Data Raw: 31 56 09 5d 4c bd 7b 05 8f 51 c9 25 cc 1d 37 d6 eb 0c 1b 67 03 da f0 8e c0 24 f3 44 54 9f cf 9f 21 3f 0a 7e 4e 62 16 66 b9 ed 85 f1 a0 b5 cb ab 99 a8 f4 52 24 e4 c1 20 e5 71 c0 b7 7d 80 fc ed b6 d3 96 54 3e 8e c7 d0 39 4a b6 92 e7 30 5d 18 e8 fe 78 87 c0 ef 19 31 ef d5 79 dc 1b fd e6 ef 9b 59 52 55 e3 24 37 7f 78 41 dc dd 1f af 93 d8 64 86 92 84 b5 ab 68 3b 17 18 31 ad e3 0f ad bc ac 57 47 e4 cc 4d f6 ea f4 87 d5 e7 eb dc da 50 fb 62 f1 3b 58 7c 41 4e d1 de c8 24 5a 2e 14 7e b4 68 0c 93 97 df 07 2f ee bb ee 84 67 a9 59 3b 10 af ed 3f 5f bb 92 e9 a4 70 dc b0 d2 9d cb 0f ff c7 ec b5 6d 1d 6f 7b 8d f0 9e a6 f8 02 9c dd d8 2a ff 91 98 6a 39 bc 78 c7 31 af b6 30 ee 18 2f 6f 34 91 fd ec e2 ee 66 ae 5e 3b c6 25 00 7c 71 78 20 37 6d f0 67 01 5a c9 9c 4b d3 e5 b7 Data Ascii: 1V]L{Q%7g$DT!?~NbfR$ q}T>9J0]x1yYRU$7xAdh;1WGMPb;X\|AN$Z.~h/gY;?_pmo{*j9x10/o4f^;%\|qx 7mgZK
2022-10-07 04:04:05 UTC	757	IN	Data Raw: 01 df 95 5d ba fa 24 ad c8 e4 9d 57 8c 96 20 fd cb 9f e1 d8 39 d6 78 dd da 85 75 fc 14 de c7 b9 8e d4 80 49 28 e5 37 1c 88 e1 6f c8 e8 e7 d0 32 7c d2 d4 6d d0 61 5c d7 77 a9 02 2d d6 af 48 47 bc 63 85 37 bb 9a dd 74 d4 ca 66 ac 6b 89 89 9f ef c3 a5 4f 91 c2 7f b0 ba 38 09 37 d8 01 48 f4 5e 56 d6 16 dd 07 80 f1 46 49 08 ea be 38 fb 1f 86 95 7d b2 65 6e 64 73 74 72 65 61 6d 0a 65 6e 64 6f 62 6a 0a 33 32 36 20 30 20 6f 62 6a 0a 34 33 34 30 0a 65 6e 64 6f 62 6a 0a 33 33 30 20 30 20 6f 62 6a 0a 3c 3c 2f 4c 65 6e 67 74 68 20 33 33 31 20 30 20 52 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c c5 7d 5b 8f 65 b7 71 2e e0 c7 c9 c3 f9 0b fd 76 f6 00 ee 9d c5 3b e9 3c 39 89 e3 38 48 82 c4 92 1f 0e 92 00 47 99 91 e4 86 Data Ascii: ]$W 9xuI(7o2\|ma\w-HGc7tfkO87H^VFI8}endstreamendobj326 0 obj4340endobj330 0 obj<</Length 331 0 R/Filter /FlateDecode>>streamx}[eq.v;<98HG
2022-10-07 04:04:05 UTC	773	IN	Data Raw: 74 6a 12 88 41 c6 9e ea 90 a1 4b 32 38 75 b3 00 64 6c 16 cc 6d 1a 64 f4 db 66 b5 86 74 fc a0 c2 2a 52 9f 98 97 91 bb 4a 04 21 53 8c b1 28 02 01 9d 38 77 49 bd 28 77 14 a4 d7 f0 ed d0 ee 15 d5 2f e9 e0 81 5c 4a 32 fb a2 33 4c 06 97 0f c6 77 c4 6e 8a b4 50 08 8e 59 f1 18 da 43 c0 22 c9 10 20 9a c7 ed 03 69 50 79 d1 b2 d7 09 00 45 e0 e8 70 59 6c 37 26 81 bc aa 6f 2d 78 08 81 1c 65 d0 94 a4 8d 8f 18 c5 91 1f 24 7d ca b7 c1 d6 24 8f ea 04 4d 22 a9 f1 40 cb 43 3f d2 77 81 a8 20 91 ca f0 fe 3d 26 d6 20 89 2f f3 4b 0f 4e 48 c3 4b 8c 31 84 76 5e 29 e1 94 3f 70 c4 48 68 c5 13 29 b8 82 b6 1b d3 90 d5 79 b5 5a 2f 91 1d e2 c4 ac 2b e0 93 68 09 0b be 68 90 e3 04 89 55 2c fe 68 b5 86 8c 56 bd 8e 91 0c f6 d4 0f 43 e6 9e b1 37 58 16 ad d6 90 d6 8a 8c ae 31 f9 00 c6 f2 cc Data Ascii: tjAK28udlmdft*RJ!S(8wI(w/\J23LwnPYC" iPyEpYl7&o-xe$}$M"@C?w =& /KNHK1v^)?pHh)yZ/+hhU,hVC7X1
2022-10-07 04:04:05 UTC	789	IN	Data Raw: 1c e7 66 da ad 12 c3 ac e5 26 4d 92 dd 9e ae b3 70 7c 29 c0 c3 89 bb c8 64 71 60 04 57 0c 8f d6 e1 2d 0b 99 7f 79 e2 91 8c 87 f5 27 8c 86 7e c2 9f d6 90 23 65 96 d1 91 8c 89 c4 f9 1d cb 3d 0c 25 5d 4f 60 21 4c b1 1c 0d 73 23 96 a7 0f 11 f4 52 ca 97 fa cc fc 95 01 58 44 83 46 e8 0c d6 ca f5 de 3a 98 b0 96 bb d8 cb e5 c8 c3 f4 0c f8 a4 88 a6 9b 00 29 db ce 4c cb 06 5a 1d f7 33 20 81 d0 89 d8 03 52 3b 1c 28 fc 94 d9 1d e1 0d 0f 88 60 4c 5f 3a 1b 2c 44 44 89 af 95 52 f5 eb 4b 29 04 d0 60 87 47 d7 cb 97 6f f7 89 a1 e8 e2 8c 30 34 80 be 2c 67 e1 e3 24 e7 00 6f 9f c1 67 29 86 85 90 71 0a 2d 66 bb 21 62 d1 ce 40 cd 80 5c a6 3d 62 72 67 34 c6 08 02 2d 8e a1 2f c1 21 62 72 8c b4 24 f8 60 a6 25 f0 9b 38 03 22 f8 cd 1a d6 11 5c 20 1b 50 07 f0 df 98 08 dc 0c 2c 68 29 Data Ascii: f&Mp\|)dq`W-y'~#e=%]O`!Ls#RXDF:)LZ3 R;(`L_:,DDRK)`Go04,g$og)q-f!b@\=brg4-/!br$`%8"\ P,h)
2022-10-07 04:04:05 UTC	805	IN	Data Raw: af ae 43 82 df e2 70 65 33 45 6d a1 6e 41 ec da 81 e2 10 aa ef 45 1c 22 d7 c5 2d 0e a7 cd 2e 17 87 01 c7 b2 73 8c 8b c3 69 ea c6 c5 e1 1c 72 1b 1e 71 08 22 2e 71 b8 b2 6d b9 4d d8 59 2f 8e 38 c4 2b 74 cf 25 0e cb c3 28 3f af a0 e8 5d 81 4b 1e 16 5d 7d 0a 79 88 c7 f0 c6 91 87 0e 46 1f 02 21 79 18 9f 9b 3c 8c 06 42 1e 3a 05 2e 10 9d c2 e0 f3 eb 48 fc b2 b1 39 2a f2 b7 1e f0 ab 97 4c 44 ab f9 92 89 38 8f 1b 2f 32 b1 24 86 8f 85 30 28 0a 6b 0e 61 11 f0 e9 98 63 4c e0 44 0d 26 90 bc 8d 23 b2 9c 0a 17 6a 4e 65 08 3d eb c7 25 16 17 b7 35 a7 c4 6c b6 d2 4c 2c ce 64 db be 90 bb 83 4f bf 1f c9 ac db ab 47 72 3b 7c 26 99 63 5c fa 7b 0d 2e 16 ad 8d 4b 2c 1a 15 21 16 8d ca 10 8b af e3 41 b1 c8 bb 4d 6e 19 d3 b8 0c 0c fc 72 58 76 b8 46 92 cc 95 07 63 1a 97 3a 92 2d 28 Data Ascii: Cpe3EmnAE"-.sirq".qmMY/8+t%(?]K]}yF!y<B:.H9*LD8/2$0(kacLD&#jNe=%5lL,dOGr;\|&c\{.K,!AMnrXvFc:-(
2022-10-07 04:04:05 UTC	821	IN	Data Raw: eb 9e c0 f3 2d 8d b8 7e 19 db 98 a6 b9 0e d6 cc 44 2f 3b bd cb c2 e5 69 81 46 9e e1 e9 8c 1b c4 c6 8c f6 98 d3 90 ee 33 a3 e1 66 87 b0 30 2d 42 00 b5 29 2d 07 bc 71 31 bf 0d 29 1e 08 f9 d7 9b 55 04 4b b1 49 cd 61 a7 7a c7 e3 97 48 0a 75 75 8d 77 c9 22 2c 2a 27 85 cd 15 a4 4f 34 c5 98 1d fb 68 a3 0b b1 9e 7e c7 33 6f 7b ac 51 2a 06 3d bc 55 80 5b bb dc 69 54 a9 20 5c ba aa 2d 4a 23 13 60 5b ed 07 60 5c 92 9f 60 54 e9 82 70 1d b2 c4 c5 12 ee 0b 33 a5 5b 2e ba 8d 6f 0d 46 f8 92 c6 06 72 89 83 2b 41 56 e1 92 0d 0b 20 59 8c be bf 1f 77 49 94 30 00 eb 19 4e 5b b6 80 13 0a 6e 16 3e a0 28 b4 86 a3 ae 86 95 37 a3 1c 09 88 eb e4 44 9e b5 bb 0b bb a9 78 96 a3 f1 31 9b af 46 79 45 6f 37 ae f2 ff 8b 3a b9 d5 46 87 22 bf f7 5a ac 85 3d 2e 34 a6 98 b9 d1 a9 6c 2d f0 dd Data Ascii: -~D/;iF3f0-B)-q1)UKIazHuuw",'O4h~3o{Q=U[iT \-J#`[`\`Tp3[.oFr+AV YwI0N[n>(7Dx1FyEo7:F"Z=.4l-
2022-10-07 04:04:05 UTC	837	IN	Data Raw: c5 1c d7 a8 e4 5d ef e3 1a cc d4 8d db 11 4c a7 1d 90 f6 e0 fc f2 28 3d 1f 02 0a b7 22 11 c6 5e dd c7 92 bf 3d 08 9c fb 6b e5 da e9 e0 0f 9c f7 91 fe 3b 2f c0 8e 18 0c bd 4a f7 ef e8 f1 03 1d 65 dc 3d 07 ec 0e 0b 5f f4 68 c4 b9 1a e7 c5 a1 db 23 4c 98 91 e0 e0 6b ed 1b 4e 86 cc 80 5c b2 e7 bb f7 86 37 8f 4c af dc 44 1e 9c ab 8a 14 3a 7b df 4a 41 66 cb 59 4f 48 fc 49 ac 3e f9 de f0 a2 dc 3b fe c7 e8 f8 ee 49 88 7c e2 33 8f 17 68 df cb 15 d2 f3 08 d7 47 04 45 8f 76 50 c6 fd ed 10 90 2c ff b8 cd e0 ea 9d db 15 d4 e6 83 b6 19 f5 9e bf f4 73 9d 44 d9 89 e9 8e 7a 3f 1e 35 fd ad 8f 35 f6 4f 3e f0 f3 04 55 4e 3b f8 d0 2a bc 7a da 61 41 1d 1c 41 d7 b5 97 e5 37 0f b7 0d ed 80 5a 3c c9 76 fc dc 49 14 9d b3 04 4c 87 ea 3b 95 0d b1 7a 7b 2b d7 ad f9 5a bb 6f 6f cd f5 Data Ascii: ]L(="^=k;/Je=_h#LkN\7LD:{JAfYOHI>;I\|3hGEvP,sDz?55O>UN;*zaAA7Z<vIL;z{+Zoo
2022-10-07 04:04:05 UTC	853	IN	Data Raw: 19 02 28 33 06 44 86 6a 95 e7 5d 45 02 fa c2 0a 19 40 ec 14 1c 8a 84 23 da 51 de 7a 03 07 ea 8c 1a 5c 40 3d 02 df 19 a1 4c d8 be 20 6c 9a 34 82 d3 6c 7b 5a 00 83 29 d8 62 94 e9 7f bb a4 0c 5a 92 42 0d 20 14 d3 d4 df 2e 32 77 4d 24 f7 45 dc 96 19 2c 1f 7e 5b 08 17 6c 1c c8 40 c5 6f 4f 98 e2 43 e2 54 09 44 81 03 2f b7 09 df c2 12 8f 15 6f c0 51 0a 60 ae 8f 09 a2 f1 c0 ba 94 eb 5e 2e d0 23 02 06 fe c0 d9 f5 b0 3b 1e 09 0e 37 09 a8 02 a0 54 0b 7e c9 18 2b e0 dd 26 15 5c 3e 30 1d 84 14 48 bf 08 05 34 0f 6c 3c 7d 2a 25 60 93 66 4b cf 66 5f 13 16 f9 3a 7d 09 a6 e6 78 c7 c5 42 89 21 18 6f 37 57 70 82 c6 00 f7 c7 03 64 74 bd 59 b6 b8 7b b5 10 8d 10 e1 88 08 a3 14 28 cf 37 42 68 7c 4c 53 64 68 ec d5 e3 46 04 63 ce 6f 71 18 30 f6 61 db 01 f8 31 cd f0 4a 33 ca 1f 5f Data Ascii: (3Dj]E@#Qz\@=L l4l{Z)bZB .2wM$E,~[l@oOCTD/oQ`^.#;7T~+&\>0H4l<}*%`fKf_:}xB!o7WpdtY{(7Bh\|LSdhFcoq0a1J3_
2022-10-07 04:04:05 UTC	869	IN	Data Raw: 10 1c 3a 92 f1 82 d8 c3 96 bc d3 b0 8a 0b f2 aa 90 1e 1d 5c 56 32 58 f1 d4 79 fb fd 61 6a 14 0f 7d 58 48 72 29 6f cb ef d6 25 49 b6 ae ae 5b ff 77 8d 5c 1e 8b 60 38 8a 18 b8 2a f8 30 09 19 c6 47 97 6a 34 a6 0e 43 cf 48 35 26 cc 50 1c e3 9e 0c 19 68 94 83 4b 5d b3 37 e6 38 50 10 3c 38 28 d1 08 94 bf 1e c5 9d c7 40 74 12 de c7 06 84 65 50 f7 a7 53 0b f6 cc 61 81 75 f3 69 5f d3 3c 21 6d c5 61 30 91 2e 07 56 72 6a cd 04 24 b2 bb 26 71 11 94 ea 54 c9 96 88 19 24 82 9f ef 2b e5 d9 1c 15 aa fd 7a 37 b5 5d 4c 6d 94 fb 2a 4a 7e 19 3a c8 a6 11 4f b3 31 1b c9 3d 93 1e 20 e1 0c ac b6 5e 15 d2 21 e1 7d 43 55 54 58 c3 12 b1 21 55 f4 f3 58 b5 07 96 81 40 94 4c b5 18 45 a1 4f b5 26 26 89 b4 f0 92 54 0b b9 81 4e 35 d5 b2 8f 79 b2 47 62 6d 47 a1 9c 08 b5 a1 a4 99 03 8e a7 Data Ascii: :\V2Xyaj}XHr)o%I[w\`80Gj4CH5&PhK]78P<8(@tePSaui_<!ma0.Vrj$&qT$+z7]LmJ~:O1= ^!}CUTX!UX@LEO&&TN5yGbmG
2022-10-07 04:04:05 UTC	885	IN	Data Raw: df 12 b7 c4 04 f3 18 25 9c 83 97 b5 55 9e 72 00 6d c9 72 fb 33 25 5d ad 0e e2 29 51 ba 93 4d da 04 49 50 82 55 ef ea cf 5d e3 45 23 6f a6 8b 04 3c 06 1a 3c dc 0b 1e 28 6b c8 c4 c7 bd 52 c7 85 c5 70 5e d5 a0 1c d3 a5 bd 26 59 bb 5d 5b df b6 56 d1 93 b0 ca 83 c6 ac 95 bc 69 0c 3b 2a a6 a1 72 19 44 f7 00 26 5a dd 2c cc 6c 4c 3d a2 dd 11 61 a6 85 17 62 43 7e 2a 04 ff 38 99 8c 6c 57 52 96 23 a5 45 83 a6 11 38 3c 59 4b 6d 12 f7 ff f6 a5 47 2f 97 53 6d d2 65 63 ed c8 ee 06 dd 65 cc b4 66 90 41 b6 c1 73 04 b9 83 57 0a 3e 74 91 b3 23 bb a5 cf 77 ca 1b a5 18 3b 4b 71 53 78 ca 0d d0 18 72 16 31 4b 9a 56 4e 0a cb 8b 3f 2e b9 52 9e 87 b0 f8 7c a2 fe 6b 4b db ef 26 ea bf 85 0a 25 ed aa d2 b6 34 b6 a6 8f 9c 47 40 f6 18 9d 98 d6 40 7b 00 46 59 5a 85 87 64 a8 95 a1 db 47 Data Ascii: %Urmr3%])QMIPU]E#o<<(kRp^&Y][Vi;rD&Z,lL=abC~8lWR#E8<YKmG/SmecefAsW>t#w;KqSxr1KVN?.R\|kK&%4G@@{FYZdG
2022-10-07 04:04:05 UTC	901	IN	Data Raw: 4c 64 67 b2 3c 96 fe 81 db 19 cf 24 8a 3d 87 36 c3 50 bf 06 a5 e5 a7 58 fd c7 25 4d de 29 22 10 24 41 71 92 cb e5 59 f6 21 e5 20 46 5f 7d e8 dc 9a ea 64 c1 49 88 e5 64 fb cd 7e e1 20 d9 57 6f 67 23 3e 1f 48 7f de 59 b5 6d e4 c7 0f c5 02 d4 32 47 4f 24 dc 1a be 9b 87 4f 8d 25 bd a8 cb b8 8d c4 9a 26 64 1f 2a 7b 4c 3e 64 4c f1 21 9e 6b ca ae a5 20 18 cf 93 c9 61 c5 47 0d 40 78 33 00 ac 34 3c 73 1c f9 d4 d7 1d 20 72 68 58 3d 65 2b 94 c8 b4 d9 2f 50 90 68 33 df 63 a8 d7 01 92 1f af 8d a3 ac ff 58 e3 90 b3 71 8c 39 74 5b c8 b0 5c 48 30 00 6b c3 12 0d d0 01 94 b1 8d 33 31 7f 63 21 7b 15 4a f3 6b ee ea de fc 13 3d 16 6b 18 35 1c de e5 67 37 a5 ee ac 16 3e b5 8a d3 da 9c 27 8d 14 4d 9e e4 76 7c 2e fa 7c c0 06 5b 83 cd 79 48 03 f3 4d cd a8 73 f2 37 aa d7 2d e7 6d Data Ascii: Ldg<$=6PX%M)"$AqY! F_}dId~ Wog#>HYm2GO$O%&d*{L>dL!k aG@x34<s rhX=e+/Ph3cXq9t[\H0k31c!{Jk=k5g7>'Mv\|.\|[yHMs7-m
2022-10-07 04:04:05 UTC	917	IN	Data Raw: 26 34 31 6a 09 e9 5f 75 4f aa 32 4e 92 49 48 48 8a c6 ad 20 ae c2 c5 15 38 e8 de 54 6b 69 5a a1 c0 4e 30 ab ba 7a 1c 34 0a 00 71 db 55 97 de 3d b0 dd 21 7f 6b 82 59 4e 08 a9 b6 c2 9c 9e d5 bc a4 c1 19 6f 3f 30 d6 54 98 23 15 ec 3b a8 30 c7 0c fc d4 0a 73 c0 db 98 23 71 66 c4 54 f4 ab ba 41 07 84 c3 e1 9d ac 03 14 d1 93 ef 79 05 54 20 d8 3c a2 83 01 59 7e 9c 0f 90 b0 80 85 5c e0 03 f0 f3 c8 7c ff 31 97 94 0e 57 3a 90 2b a2 34 b5 88 4b 08 13 01 89 a3 a5 fa c6 93 34 84 ca 75 b3 6d 13 bf a4 bf 84 4b aa 76 34 8c 1f 57 03 40 07 7e ee b8 2e d6 d8 fb 5d a9 2a 12 6f a3 99 85 bb 49 f0 1e 8d fc 3b ba fd 87 c8 e3 b0 7a ad 3f b0 2b 73 6d 66 82 cb 8d 12 c3 09 ad 81 08 da a2 ce 72 3f 3a ed 4d b7 ac 5a d5 ac a4 04 4d d5 c9 9b 22 10 a1 97 2e cc ce 59 60 91 e2 05 28 fb 6d Data Ascii: &41j_uO2NIHH 8TkiZN0z4qU=!kYNo?0T#;0s#qfTAyT <Y~\\|1W:+4K4umKv4W@~.]*oI;z?+smfr?:MZM".Y`(m
2022-10-07 04:04:05 UTC	933	IN	Data Raw: 99 61 73 7c 38 be d7 7b 6f 1d 80 b6 1e 58 ef f8 2a 3f ab fa 6e 9f d4 5d 90 bf 14 17 a6 ee f3 59 1c 78 c6 6d de 89 70 e5 2d ff 81 0c 6b 56 62 d1 fa be 1f f3 6d 23 a0 70 ec a2 b1 a6 d5 cd a6 47 35 08 bd cf b5 71 64 c0 54 e3 16 d6 85 c1 95 35 c7 e9 ce bd b2 1d 89 1d b0 9e 06 b9 5e 6a f1 be 21 45 2d fb ae 3a a9 68 9a 86 ca 97 8f 24 c2 0c 33 ae 5d 97 0f f4 bb 5a f5 ff df 40 6b 09 cc 6c 7a 35 15 16 6b 3f 43 ef f6 89 f7 d9 b6 77 13 cc 10 e7 59 d9 1c f2 a5 47 7f 30 09 1d c0 b4 b2 82 40 9a 90 65 16 a2 74 da c3 3f f3 60 44 50 a9 0a 3b e6 6b 1e a0 95 42 c6 b8 2d cf 21 9f 0b f1 d5 21 e6 2e df 10 f3 c2 15 6a 99 40 2f 8d 18 97 18 f4 c8 0b e4 d1 e7 7a 73 16 e9 84 05 85 0a 61 61 a3 52 05 83 05 2e 90 a9 88 5e 8b 99 f5 4b 78 fc dd fa 7d 53 fa 8e 44 c8 d7 3f e0 02 7c 63 ce Data Ascii: as\|8{oX*?n]Yxmp-kVbm#pG5qdT5^j!E-:h$3]Z@klz5k?CwYG0@et?`DP;kB-!!.j@/zsaaR.^Kx}SD?\|c
2022-10-07 04:04:05 UTC	949	IN	Data Raw: 5e 4c b0 34 32 0d 0c e0 fb 7d f1 91 aa 33 67 46 74 c4 8f 19 16 e7 dd b7 59 77 9a 4d 50 32 fd c5 40 7d 76 91 0d 9a ca 2b 1b 7f 3c 22 43 1a d5 79 bf 0c a6 0c 3f 32 55 7c 6e 2f 41 14 6a 91 79 bd 53 53 80 34 36 73 f5 5f e0 01 f8 b9 c4 de 47 4a 3d 1e 15 8c 4b 91 a7 f5 3c 56 5f ab 33 42 53 1e c2 1a 54 d0 47 e7 5c 9e 2e 23 76 3e 78 06 59 22 17 09 e6 48 b0 f3 05 5f fe ac aa 75 dc 54 14 47 99 88 38 a7 96 3c ba 26 6f 9c 4e 3c 99 02 87 1f f0 e7 b2 22 04 d2 0b 45 73 6b d3 2a 2e 85 4f 9e 7a 69 90 92 02 39 ec 4e 84 1a 39 d4 a4 c0 31 ae 7d 93 66 54 9c 11 38 5a fe dc 93 0a 95 83 26 48 90 90 0b 14 2f fc 70 21 44 79 6b 6b 8a d4 91 7f cf 05 b9 79 5a 82 2f bb f4 94 d0 8c d4 75 86 bd 0a bf 17 e9 83 90 93 2c 78 61 dc 2b 76 59 0f 09 2a 55 30 7e 78 86 f0 78 4c de 19 bc 6c 02 32 Data Ascii: ^L42}3gFtYwMP2@}v+<"Cy?2U\|n/AjySS46s_GJ=K<V_3BSTG\.#v>xY"H_uTG8<&oN<"Esk.Ozi9N91}fT8Z&H/p!DykkyZ/u,xa+vYU0~xxLl2
2022-10-07 04:04:05 UTC	965	IN	Data Raw: 88 68 4f 27 7c ac a7 18 3b b4 07 c3 9d b1 02 21 c7 db 24 05 54 e0 62 20 5a 58 91 84 25 01 fc 8f f0 82 d6 26 2c 3d 91 e1 27 67 f5 12 ca d8 97 1b 2c 2d 41 36 9c 72 c9 fb 04 aa 39 09 ba fe b6 4f 5b 3d 60 41 c6 5a 1d 57 60 7f 48 12 33 f8 79 99 fb e0 aa 60 a2 29 a3 19 ce 39 72 4f 15 a6 d7 7d 70 3a 07 49 6e 0d 52 b4 2d 02 d6 3a f8 dd c3 ba b7 87 b7 83 19 f9 4a 7f ec f3 dc e5 21 4d a3 e1 50 f9 e1 f1 57 d9 70 4e a9 67 26 09 08 bf 0e fe 80 19 39 0d 1e f9 3c af f3 89 18 7f 38 96 65 81 0b bf 47 61 19 67 a5 38 f5 72 49 fc be de b5 9e 82 b1 87 de d4 28 70 8b 0e 02 6c b9 c3 87 b2 a6 95 34 bb 02 e0 b3 a8 4d 2c ca 31 79 0d 56 d9 ab 8c d1 d9 42 c4 ab ca fa c9 9a 25 f1 aa b5 4b a2 8f 37 4c 4f bd 4b 6a 19 20 5a c1 cc fa 6b 25 f9 5a 0c 02 6d 46 23 cf 9e e1 6f a0 b1 ce 6c c2 Data Ascii: hO'\|;!$Tb ZX%&,='g,-A6r9O[=`AZW`H3y`)9rO}p:InR-:J!MPWpNg&9<8eGag8rI(pl4M,1yVB%K7LOKj Zk%ZmF#ol
2022-10-07 04:04:05 UTC	981	IN	Data Raw: 6b af 48 71 4e 90 33 a2 0d 93 c9 69 f6 66 ec 54 e4 9c f6 38 60 b5 71 1a f9 d9 2c ef 86 62 9c 42 37 51 0c f7 81 f5 a9 55 9d d5 48 1b 40 2e 56 28 3b 23 5f c6 28 92 49 d9 ea 08 28 bd d9 c3 20 2d b5 e1 dd a6 21 73 03 ed a8 58 cd 58 3a 56 68 56 dc cf cd 92 43 68 92 51 fa 5f fc 67 b8 b9 ad 8c 0c 44 41 5b 10 d8 29 5f 96 2d ec 95 5f a2 12 39 d1 54 3c 6e 19 26 e1 21 c3 74 01 bc 58 e3 21 d7 36 07 5a 55 19 55 d0 2e cf 7e bc 24 93 d0 d9 88 47 e8 5f f6 ae 54 dd 92 e5 5b 04 1d 0b 03 69 a0 b7 27 b3 73 97 44 5e 09 37 db b1 c0 e6 c7 25 b4 b8 a1 d6 31 58 39 37 76 1b 18 68 6b ee b4 9a 16 2f 40 ca cb a4 05 0d 83 9d 39 14 2e 47 b6 fc 9b f5 e3 71 75 c7 80 13 77 5c 0b b5 ff b7 e3 82 31 4f ac 2e a3 6f b3 9f 03 53 2a 38 31 25 43 c8 88 c9 ba 35 12 73 fa c4 be eb 59 e9 9b c0 97 fe Data Ascii: kHqN3ifT8`q,bB7QUH@.V(;#_(I( -!sXX:VhVChQ_gDA[)_-_9T<n&!tX!6ZUU.~$G_T[i'sD^7%1X97vhk/@9.Gquw\1O.oS*81%C5sY
2022-10-07 04:04:05 UTC	997	IN	Data Raw: 9b 80 11 6b 52 c8 a6 cc 63 75 e5 90 75 49 4b b6 24 36 0b bd 3f 63 37 37 d6 ac f4 c1 8d 71 4b f4 f8 c5 2d 7c f1 36 b7 0a c9 fa c3 fb eb 1b b3 ba c5 59 7b 78 86 24 58 20 de 1c ee 3e 20 69 76 5d 5d 72 d0 9c 9a e8 d5 1e 4e f4 ec e1 6b 5d 9a c7 a8 ed e1 cd f5 ce 8d b7 8c 9c d3 2b f6 e3 c7 bd fd fb dc 8b f1 fe c0 07 fa 99 b5 fe 81 75 59 da a8 a0 cc e1 f9 4e e4 7b c6 ca 23 6f 2f 46 72 76 49 5e e3 fa da 00 84 ab 58 d9 6e 1d 4c 48 12 48 f3 4c d0 84 b1 e2 74 62 3f d8 e8 af af d3 92 5c 4c 75 b8 4a 12 71 d3 b8 c3 af d7 b0 80 eb 1a 25 47 f8 14 ef 6e 0b 33 b5 3b bc 63 ef f9 bc de b6 2c 29 cf 8c 26 fe fa ee 63 e9 12 e6 f0 b2 e3 7d 9e 4f 59 4d 9b da e5 c9 b3 d7 5a f4 c8 be e4 4b 75 ba 46 f9 32 2a 2e 3a 78 90 4d 92 2b 22 dc ac 1a a4 be fb ae 88 bf 98 ff e9 43 1e d3 1b 73 Data Ascii: kRcuuIK$6?c77qK-\|6Y{x$X > iv]]rNk]+uYN{#o/FrvI^XnLHHLtb?\LuJq%Gn3;c,)&c}OYMZKuF2*.:xM+"Cs
2022-10-07 04:04:05 UTC	1013	IN	Data Raw: 0f d7 60 26 03 be 19 65 70 1a bc 13 14 f9 76 99 3b 09 36 3f be 6c d7 01 9d 5e 1b ab 04 a2 77 5d b0 f0 14 98 3a 40 1c d2 70 30 e2 a4 d5 27 f4 ef c6 95 af af 13 5a 0e c9 0e 94 d4 b2 0c c8 d5 9b 6d 6a 66 9c 31 8b 13 d5 01 6d d3 93 fa 23 37 c2 08 0c bd 12 b4 4c b3 39 cf 50 ef a5 f8 e5 24 7e bc 5b 40 81 03 e2 6c 2d 25 05 b1 63 74 20 ca ed c2 8e 8d 68 cc 00 4c c5 0a 04 ab e6 37 d7 2b b7 31 36 e5 8b dc 6c 14 48 9c 64 67 20 2d 5b 1b 5c 67 ae 53 0a 96 c1 1d f2 eb 51 d0 1f 6e 0b ff e8 d0 9e 28 bc 8f 4a 8a d6 77 8c c8 5b aa a2 89 ec 3e 55 d1 a4 b1 ef 9b fc c0 67 7f 59 26 04 57 ac 56 05 38 47 eb 2f a0 37 07 06 dc ea 75 15 f1 bb 8a e8 d6 61 ca 84 52 d6 81 11 f2 70 94 03 00 d5 e1 bf 39 e1 96 b1 51 2a 63 46 ce fc 9c 9e 96 d1 c0 f5 03 91 cd 3e 5c 04 19 78 27 a3 8d 7d 92 Data Ascii: `&epv;6?l^w]:@p0'Zmjf1m#7L9P$~[@l-%ct hL7+16lHdg -[\gSQn(Jw[>UgY&WV8G/7uaRp9Q*cF>\x'}
2022-10-07 04:04:05 UTC	1029	IN	Data Raw: 77 b4 95 10 81 bd 6d ef 68 6c ac ff bd 9d d6 31 0c a9 35 9f e5 83 71 b7 a9 06 97 25 e8 31 8f b3 76 62 ee f2 4e a9 1b e4 e4 b4 8b 34 00 4b 22 0a c1 4c d8 92 4c 3d 1e 5f ac ca 94 85 c0 7e 0a ae 99 ca 14 a0 0d 67 3e 0d 2b 15 a6 89 a2 0f 50 c6 da 6a dc 2e 79 35 d0 b0 e7 4c 2d 94 64 1a 56 71 7b cc 33 b7 40 b1 ce 88 b2 3d a3 a4 8b df 2b 7a 32 29 a2 9a eb d3 cb 4b 25 34 95 03 8a d9 4f 08 c4 78 4c bd fe eb a8 90 94 6a bd 96 91 5a 2b 66 28 ff 1c 0f 53 10 8a 7b 10 01 ee f4 71 da 95 72 a9 77 f7 69 94 ca 48 45 31 1e 32 5f 48 51 09 de bd 6a 9a 5e 78 69 9a 22 06 4a 50 67 06 c0 ce 81 52 81 0d 97 89 b4 2f 1f 30 d8 0f 35 de 77 5f 5f cc 7d c8 d4 b0 79 ca a5 38 41 72 47 36 ba 09 d0 fa e0 8e 9d 8c 84 b5 4a e1 ba 23 9e 01 1d 07 49 39 af d4 44 fd c2 3a f9 fd 68 97 f5 6a 4c 2d Data Ascii: wmhl15q%1vbN4K"LL=_~g>+Pj.y5L-dVq{3@=+z2)K%4OxLjZ+f(S{qrwiHE12_HQj^xi"JPgR/05w__}y8ArG6J#I9D:hjL-
2022-10-07 04:04:05 UTC	1045	IN	Data Raw: eb 67 6f 47 ee a6 90 d9 69 92 39 45 e9 13 32 03 b4 3b 82 bb fb 12 cd 42 0d 96 52 4e 24 ea 6b 16 0b 87 02 18 29 12 90 09 06 37 80 b2 75 b8 30 51 97 ab 39 c8 f3 99 ba c2 01 c4 69 8a 12 a2 d6 16 6c 2c 09 96 96 c1 df 6f c0 48 2a 19 dd 9a 5a 76 57 4a 33 9f 20 9d 80 19 d5 84 3c c7 00 12 ea a7 38 0d 76 3d 2a b7 16 18 ad dc a0 5c b6 bb ce 45 95 08 c2 34 70 2d ad 05 9a 5b 80 f1 49 f4 34 38 16 40 51 b3 fa ee 30 50 42 61 0e 5e d9 01 dd cc f5 c0 0d e6 0f 10 3c 34 86 3c 2d d5 c2 89 1c e8 6d d9 22 78 1d ce 2b a1 d6 be 70 6c 1d be 0f 44 f6 ac b8 32 4f 2f 80 94 50 60 0c ca 9a 1e 4c b8 de bb 31 8e 6c fe 03 8e 26 54 03 26 e9 dc 10 a3 a5 b8 4d 16 cb 62 75 1e 45 64 b9 4a 7e f2 3d 10 9a 5a 4f a4 dd d6 11 1c bb 29 e5 eb eb 5d dd dd d8 55 40 11 22 12 6f cc f0 ef 4a f1 d7 29 e2 Data Ascii: goGi9E2;BRN$k)7u0Q9il,oHZvWJ3 <8v=\E4p-[I48@Q0PBa^<4<-m"x+plD2O/P`L1l&T&MbuEdJ~=ZO)]U@"oJ)
2022-10-07 04:04:05 UTC	1061	IN	Data Raw: 20 32 39 20 30 20 52 0a 2f 46 6f 6e 74 20 33 30 20 30 20 52 0a 3e 3e 0a 2f 43 6f 6e 74 65 6e 74 73 20 32 37 20 30 20 52 0a 3e 3e 0a 65 6e 64 6f 62 6a 0a 33 31 20 30 20 6f 62 6a 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 2f 4d 65 64 69 61 42 6f 78 20 5b 30 20 30 20 35 39 35 20 38 34 32 5d 0a 2f 52 6f 74 61 74 65 20 30 2f 50 61 72 65 6e 74 20 33 20 30 20 52 0a 2f 52 65 73 6f 75 72 63 65 73 3c 3c 2f 50 72 6f 63 53 65 74 5b 2f 50 44 46 20 2f 54 65 78 74 5d 0a 2f 45 78 74 47 53 74 61 74 65 20 33 34 20 30 20 52 0a 2f 46 6f 6e 74 20 33 35 20 30 20 52 0a 3e 3e 0a 2f 43 6f 6e 74 65 6e 74 73 20 33 32 20 30 20 52 0a 3e 3e 0a 65 6e 64 6f 62 6a 0a 33 36 20 30 20 6f 62 6a 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 2f 4d 65 64 69 61 42 6f 78 20 5b 30 20 30 20 35 39 35 20 38 34 Data Ascii: 29 0 R/Font 30 0 R>>/Contents 27 0 R>>endobj31 0 obj<</Type/Page/MediaBox [0 0 595 842]/Rotate 0/Parent 3 0 R/Resources<</ProcSet[/PDF /Text]/ExtGState 34 0 R/Font 35 0 R>>/Contents 32 0 R>>endobj36 0 obj<</Type/Page/MediaBox [0 0 595 84
2022-10-07 04:04:05 UTC	1077	IN	Data Raw: 20 35 39 35 20 38 34 32 5d 0a 2f 52 6f 74 61 74 65 20 30 2f 50 61 72 65 6e 74 20 33 20 30 20 52 0a 2f 52 65 73 6f 75 72 63 65 73 3c 3c 2f 50 72 6f 63 53 65 74 5b 2f 50 44 46 20 2f 54 65 78 74 5d 0a 2f 45 78 74 47 53 74 61 74 65 20 35 36 30 20 30 20 52 0a 2f 46 6f 6e 74 20 35 36 31 20 30 20 52 0a 3e 3e 0a 2f 43 6f 6e 74 65 6e 74 73 20 35 35 38 20 30 20 52 0a 3e 3e 0a 65 6e 64 6f 62 6a 0a 35 36 32 20 30 20 6f 62 6a 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 2f 4d 65 64 69 61 42 6f 78 20 5b 30 20 30 20 35 39 35 20 38 34 32 5d 0a 2f 52 6f 74 61 74 65 20 30 2f 50 61 72 65 6e 74 20 33 20 30 20 52 0a 2f 52 65 73 6f 75 72 63 65 73 3c 3c 2f 50 72 6f 63 53 65 74 5b 2f 50 44 46 20 2f 54 65 78 74 5d 0a 2f 45 78 74 47 53 74 61 74 65 20 35 36 35 20 30 20 52 0a 2f 46 6f 6e Data Ascii: 595 842]/Rotate 0/Parent 3 0 R/Resources<</ProcSet[/PDF /Text]/ExtGState 560 0 R/Font 561 0 R>>/Contents 558 0 R>>endobj562 0 obj<</Type/Page/MediaBox [0 0 595 842]/Rotate 0/Parent 3 0 R/Resources<</ProcSet[/PDF /Text]/ExtGState 565 0 R/Fon
2022-10-07 04:04:05 UTC	1093	IN	Data Raw: 2f f9 2f ff 00 17 47 fa 4f fc f1 7f c9 7f f8 ba bd 9a 33 45 82 e5 1f f4 9f f9 e2 ff 00 92 ff 00 f1 74 7f a4 ff 00 cf 17 fc 97 ff 00 8b ab d9 a3 34 58 2e 51 ff 00 49 ff 00 9e 2f f9 2f ff 00 17 47 fa 4f fc f1 7f c9 7f f8 ba bd 9a 33 45 82 e5 1f f4 9f f9 e2 ff 00 92 ff 00 f1 74 7f a4 ff 00 cf 17 fc 97 ff 00 8b ab d9 a3 34 58 2e 51 ff 00 49 ff 00 9e 2f f9 2f ff 00 17 47 fa 4f fc f1 7f c9 7f f8 ba bd 9a 33 45 82 e5 1f f4 9f f9 e2 ff 00 92 ff 00 f1 74 7f a4 ff 00 cf 17 fc 97 ff 00 8b ab d9 a3 34 58 2e 51 ff 00 49 ff 00 9e 2f f9 2f ff 00 17 47 fa 4f fc f1 7f c9 7f f8 ba bd 9a 33 45 82 e5 1f f4 9f f9 e2 ff 00 92 ff 00 f1 74 7f a4 ff 00 cf 17 fc 97 ff 00 8b ab d9 a3 34 58 2e 51 ff 00 49 ff 00 9e 2f f9 2f ff 00 17 4d 77 9e 34 67 68 9c 2a 8c 93 b5 7a 7f df 55 a1 9a Data Ascii: //GO3Et4X.QI//GO3Et4X.QI//GO3Et4X.QI//GO3Et4X.QI//Mw4gh*zU
2022-10-07 04:04:05 UTC	1109	IN	Data Raw: b6 b1 ba f6 70 3d 89 b2 68 f3 6e 63 f2 8a 64 fd dc 63 19 eb d2 ab 45 a2 e9 f0 c3 34 4b 01 2b 3a ec 90 bc 8c cc cb e9 b8 92 71 f8 d7 38 ba d5 da da bb 5b ea 82 f9 8d 83 cf 21 09 19 fb 3c 80 02 39 51 8e 49 3c 1f 4a d0 7d 4e f3 49 62 2e 66 37 c8 f6 8d 70 9b 95 51 83 2e 32 b9 51 8c 1d de 94 de ff 00 d7 98 97 f5 f8 1b 51 e9 f6 b1 dc 09 d2 2c 4a 19 9f 76 e3 d5 80 07 bf b0 ab 55 8d a7 eb 53 5c df fd 96 7b 31 07 cc e9 b8 4b bf e6 5c 12 3a 0e 30 c3 9f ad 6c d2 18 51 45 14 00 51 45 14 00 54 37 36 d1 5d c0 d0 ce a5 a3 6c 64 02 47 bf 51 c8 a9 ab 37 5d b9 9a d3 4d f3 60 7d 92 79 b1 2e 70 0f 05 d4 1e be c4 d0 04 d6 7a 75 b5 88 97 ec c8 55 e5 fb ce ee ce c7 1d 32 58 92 71 f5 a3 4a b0 4d 33 4e 86 d1 18 b8 8c 72 c4 63 71 27 24 e3 ea 4d 45 05 cc cf af dd db 33 e6 18 e0 89 Data Ascii: p=hncdcE4K+:q8[!<9QI<J}NIb.f7pQ.2QQ,JvUS\{1K\:0lQEQET76]ldGQ7]M`}y.pzuU2XqJM3Nrcq'$ME3
2022-10-07 04:04:05 UTC	1125	IN	Data Raw: 65 12 79 2e 63 7c 03 c3 0e de ff 00 85 3a ee ee 0b 28 0c d7 32 6c 8c 10 33 82 49 27 a0 00 72 4f b0 ac 5f 0c 89 a3 bb d5 62 92 da 28 11 26 50 16 39 4b 05 22 35 18 1f 28 e3 18 e6 a6 f1 2e 52 2b 19 f7 f9 71 43 72 19 e4 db 91 18 2a c0 31 1e 80 91 4f b7 c8 17 53 52 ce ee 0b d8 3c eb 67 de 99 2a 78 20 82 3a 82 0f 20 fb 1a 9e b1 3c 37 b9 d6 fe 71 27 9b 14 d7 19 49 76 e0 49 84 55 2c 07 a1 20 d6 dd 00 14 51 45 00 14 51 45 00 41 79 77 05 8d b3 dc 5c b9 48 93 19 21 4b 75 38 1c 0e 7a 9a aa ba dd 8b c5 24 8a f3 1f 2c 85 74 16 f2 6f 5c f4 ca ed dd 8f 7c 62 ab 78 b4 81 e1 f9 c9 7f 2c 07 8f e7 e3 e5 f9 d7 9e 6a be 83 22 49 ac 5f 34 57 67 50 8d a2 8f 37 58 1c 10 5b e4 f9 40 5e 3a f0 3b f3 40 17 e0 d7 b4 eb 88 24 99 26 71 0c 6b b9 a4 78 5d 17 19 c7 04 80 09 cf 61 cd 59 b2 Data Ascii: ey.c\|:(2l3I'rO_b(&P9K"5(.R+qCr1OSR<gx : <7q'IvIU, QEQEAyw\H!Ku8z$,to\\|bx,j"I_4WgP7X[@^:;@$&qkx]aY
2022-10-07 04:04:05 UTC	1141	IN	Data Raw: dd e4 67 09 8f 33 3e 66 36 0f 2f 67 fc 0f 34 ed 6c c9 71 69 ac bd cd dc d1 35 b0 8d 23 89 64 21 30 55 4f 2b d0 e4 92 32 7d 38 ae 9e 48 2c 65 9a 39 64 82 17 96 2f f5 6e d1 82 c9 f4 38 e2 9b 71 6d a7 dc c8 24 b8 b6 82 67 03 68 69 22 0c 40 f4 c9 14 01 71 7e e8 fa 52 d4 7e 74 7f de fd 28 f3 a3 fe f7 e9 40 12 51 51 f9 d1 ff 00 7b f4 a3 ce 8f fb df a5 00 49 45 47 e7 47 fd ef d2 8f 3a 3f ef 7e 94 01 25 15 1f 9d 1f f7 bf 4a 3c e8 ff 00 bd fa 50 04 94 54 7e 74 7f de fd 28 f3 a3 fe f7 e9 40 12 51 51 f9 d1 ff 00 7b f4 a3 ce 8f fb df a5 00 49 45 47 e7 47 fd ef d2 8f 3a 3f ef 7e 94 01 25 15 1f 9d 1f f7 bf 4a 3c e8 ff 00 bd fa 50 04 94 54 7e 74 7f de fd 28 f3 a3 fe f7 e9 40 12 51 51 f9 d1 ff 00 7b f4 a3 ce 8f fb df a5 00 49 45 47 e7 47 fd ef d2 8f 3a 3f ef 7e 94 01 25 Data Ascii: g3>f6/g4lqi5#d!0UO+2}8H,e9d/n8qm$ghi"@q~R~t(@QQ{IEGG:?~%J<PT~t(@QQ{IEGG:?~%J<PT~t(@QQ{IEGG:?~%
2022-10-07 04:04:05 UTC	1157	IN	Data Raw: e5 ff 00 c2 8f b7 43 ff 00 4d 7f ef cb ff 00 85 17 02 cd 15 5b ed d0 ff 00 d3 5f fb f2 ff 00 e1 47 db a1 ff 00 a6 bf f7 e5 ff 00 c2 8b 81 66 8a ad f6 e8 7f e9 af fd f9 7f f0 a3 ed d0 ff 00 d3 5f fb f2 ff 00 e1 45 c0 b3 45 56 fb 74 3f f4 d7 fe fc bf f8 51 f6 e8 7f e9 af fd f9 7f f0 a2 e0 59 a2 ab 7d ba 1f fa 6b ff 00 7e 5f fc 28 fb 74 3f f4 d7 fe fc bf f8 51 70 2c d1 55 be dd 0f fd 35 ff 00 bf 2f fe 14 7d ba 1f fa 6b ff 00 7e 5f fc 28 b8 16 68 aa df 6e 87 fe 9a ff 00 df 97 ff 00 0a 3e dd 0f fd 35 ff 00 bf 2f fe 14 5c 0b 34 55 6f b7 43 ff 00 4d 7f ef cb ff 00 85 1f 6e 87 fe 9a ff 00 df 97 ff 00 0a 2e 05 9a 2a b7 db a1 ff 00 a6 bf f7 e5 ff 00 c2 8f b7 43 ff 00 4d 7f ef cb ff 00 85 17 02 cd 15 5b ed d0 ff 00 d3 5f fb f2 ff 00 e1 47 db a1 ff 00 a6 bf f7 e5 ff Data Ascii: CM[_Gf_EEVt?QY}k~_(t?Qp,U5/}k~_(hn>5/\4UoCMn.*CM[_G
2022-10-07 04:04:05 UTC	1173	IN	Data Raw: 20 30 20 6f 62 6a 0a 3c 3c 2f 52 31 36 39 0a 31 36 39 20 30 20 52 2f 52 31 36 37 0a 31 36 37 20 30 20 52 2f 52 38 0a 38 20 30 20 52 2f 52 31 36 35 0a 31 36 35 20 30 20 52 2f 52 31 36 33 0a 31 36 33 20 30 20 52 2f 52 31 36 31 0a 31 36 31 20 30 20 52 3e 3e 0a 65 6e 64 6f 62 6a 0a 31 38 30 20 30 20 6f 62 6a 0a 3c 3c 2f 52 37 0a 37 20 30 20 52 3e 3e 0a 65 6e 64 6f 62 6a 0a 31 38 31 20 30 20 6f 62 6a 0a 3c 3c 2f 52 31 37 0a 31 37 20 30 20 52 2f 52 31 36 37 0a 31 36 37 20 30 20 52 2f 52 38 0a 38 20 30 20 52 2f 52 31 37 38 0a 31 37 38 20 30 20 52 2f 52 31 37 36 0a 31 37 36 20 30 20 52 2f 52 31 36 31 0a 31 36 31 20 30 20 52 2f 52 31 30 0a 31 30 20 30 20 52 2f 52 39 0a 39 20 30 20 52 3e 3e 0a 65 6e 64 6f 62 6a 0a 31 38 35 20 30 20 6f 62 6a 0a 3c 3c 2f 52 37 0a 37 Data Ascii: 0 obj<</R169169 0 R/R167167 0 R/R88 0 R/R165165 0 R/R163163 0 R/R161161 0 R>>endobj180 0 obj<</R77 0 R>>endobj181 0 obj<</R1717 0 R/R167167 0 R/R88 0 R/R178178 0 R/R176176 0 R/R161161 0 R/R1010 0 R/R99 0 R>>endobj185 0 obj<</R77
2022-10-07 04:04:05 UTC	1189	IN	Data Raw: bf fc 8f 10 7f d8 36 4f fd 1a 94 50 ff 00 f2 3c 41 ff 00 60 d9 3f f4 6a 51 40 1b b4 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 15 1c df ea 5f fd d3 52 54 73 7f a9 7f f7 4d 00 61 78 17 fe 44 ed 37 fd c6 ff 00 d0 cd 6f d6 07 81 7f e4 4e d3 7f dc 6f fd 0c d6 fd 00 14 51 45 00 14 51 45 00 14 51 45 00 14 b4 94 b4 01 cc f8 ef fe 40 f6 df f5 fb 0f f3 ae 9b bd 73 3e 3b ff 00 90 3d b7 fd 7e c3 fc eb a6 ef 40 0b 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 06 07 8c bf e4 0f 17 fd 7d c1 ff 00 a3 05 6e fa d6 17 8c bf e4 0f 17 fd 7d c1 ff 00 a3 05 6e fa d0 01 45 14 50 01 45 14 50 01 45 14 50 01 45 14 50 02 d6 07 8d 7f e4 59 b8 ff 00 ae Data Ascii: 6OP<A`?jQ@QEQEQEQE_RTsMaxD7oNoQEQEQE@s>;=~@EPEPEPEPEPEPEPEPEPEPEPEPEPEPEP}n}nEPEPEPEPY
2022-10-07 04:04:05 UTC	1205	IN	Data Raw: 3e f9 ae ac 50 01 4b 49 45 00 79 7c ff 00 f2 18 d5 bf eb f1 ff 00 a5 2e 0f a1 ae 9b 42 00 dc 6b 39 51 ff 00 21 09 7a fd 16 b5 b6 2f f7 57 f2 14 01 e6 c1 67 fe d9 27 0f f6 7f 27 df 6e 73 57 30 7d 0d 76 df 69 b5 37 86 cf 7c 7f 69 d9 e6 79 78 e7 6e 71 9a 9f 6a ff 00 75 7f 21 40 1e 77 73 f7 ec f8 3f f1 f5 17 fe 84 2b d5 fb 9a e5 3c 4e 14 69 d0 e0 01 fe 97 07 41 fe d8 ae b0 f5 a0 04 a0 f4 a2 83 40 1c 86 81 79 f6 5f 0f 3d 94 77 36 96 ba 9d b4 ae 27 5b b3 81 92 e4 e4 8c 82 41 04 73 5a 5e 1a d4 62 9b 4a 47 97 ec 90 19 2e 24 8e 3f 24 6c 49 48 63 ca e7 ae 79 35 42 e6 67 d6 e6 6b 8b 2d 0a ca fa de 07 28 b3 dd 30 53 29 53 83 b3 e5 3c 67 b9 e2 b7 34 d9 61 d4 6c 2d e7 6b 3f 24 a1 e2 29 10 66 26 1c 1c 7f 88 a0 0c f0 3f b4 bc 61 20 7f 9a 0d 2a 35 21 73 c1 99 f3 cf e0 bf Data Ascii: >PKIEy\|.Bk9Q!z/Wg''nsW0}vi7\|iyxnqju!@ws?+<NiA@y_=w6'[AsZ^bJG.$?$lIHcy5Bgk-(0S)S<g4al-k?$)f&?a *5!s
2022-10-07 04:04:05 UTC	1221	IN	Data Raw: ab 96 ee 2f 8e b5 3c 7b f6 8c 02 8e df b6 94 5f 76 76 76 74 a2 47 8f 1e b4 da c0 c0 40 ad 6d 6b fc 93 2d 38 53 fe e6 6c d7 ae 5d 14 67 86 5f 31 18 00 80 39 88 33 50 ac d4 d4 54 0f 0f 0f ae f4 91 a7 36 6d da 0c 1b 36 ac 7f ff fe 74 a2 ac bf 64 ca cc cc fc f1 c7 1f 9d 9d 9d 67 cd 9a 65 78 b2 f1 71 a6 52 a9 96 2d 5b 46 97 9f 37 6f 9e e1 97 c6 a0 32 ab 5b b7 ee d3 a7 4f f9 bf 96 a3 1a a3 82 a4 96 32 f0 c2 13 47 8e 1c b9 74 e9 12 5d a9 72 1f e5 32 3e ce 6e dc b8 b1 6f df 3e da 4a f4 d5 0d 5c 2c 25 25 85 56 cb 95 3e 4e e6 ee ee 4e db 76 c8 90 21 fc 83 64 7a 2f 9f 9f 9f bf 74 e9 52 ea e3 8f 3f fe b8 dc bf 24 33 3e ce e8 fb 45 df 35 fa 7e 95 fb d8 21 00 00 43 10 67 a0 4c c9 c9 c9 73 e6 cc 49 4a 4a fa fa eb af 29 4a ca 7d cd 30 1e ff 8b c2 0f 3e f8 c0 f0 cb ab 1a Data Ascii: /<{_vvvtG@mk-8Sl]g_193PT6m6tdgexqR-[F7o2[O2Gt]r2>no>J\,%%V>NNv!dz/tR?$3>E5~!CgLsIJJ)J}0>
2022-10-07 04:04:05 UTC	1237	IN	Data Raw: 80 9c 01 f1 20 21 fb ec b3 cf ca ca ca 98 ea 8b e6 d0 c2 26 75 46 b5 07 72 26 16 90 33 00 00 d0 02 72 06 c4 a3 77 ef de 57 af 5e 65 a7 2d 2c 2c 72 72 72 2c 2d 2d a5 4d a9 d6 40 ce c4 02 72 06 00 00 5a 40 ce 80 48 14 14 14 34 6b d6 ac b4 b4 94 7d 68 6b 6b bb 77 ef 5e 7f 7f 7f 69 b3 aa 35 90 33 b1 80 9c 01 00 80 16 90 33 20 12 87 0f 1f 9e 3c 79 72 5e 5e 1e fb d0 c4 c4 64 e6 cc 99 f2 bd a0 06 e4 4c 2c 20 67 00 00 a0 05 e4 0c 88 c4 b4 69 d3 c2 c2 c2 34 95 a6 65 cb 96 e9 e9 e9 12 a6 f4 32 40 ce c4 02 72 06 00 00 5a 40 ce 80 48 34 6b d6 2c 3b 3b db dc dc bc bc bc dc cc cc ac a2 a2 c2 ca ca ea d6 ad 5b 32 bd a0 06 e4 4c 2c 20 67 00 00 a0 05 e4 0c 88 41 7c 7c bc 87 87 07 09 99 bd bd 7d 7a 7a ba b3 b3 73 66 66 66 55 55 d5 bf ff fd 6f 99 5e 50 03 72 26 16 90 33 00 Data Ascii: !&uFr&3rwW^e-,,rrr,--M@rZ@H4k}hkkw^i533 <yr^^dL, gi4e2@rZ@H4k,;;[2L, gA\|\|}zzsfffUUo^Pr&3
2022-10-07 04:04:05 UTC	1253	IN	Data Raw: 68 20 31 30 30 30 0a 2f 43 68 61 72 53 65 74 28 2f 65 71 75 61 6c 2f 66 66 2f 66 66 69 2f 70 6c 75 73 2f 73 6c 61 73 68 29 2f 46 6f 6e 74 46 69 6c 65 33 20 36 30 37 20 30 20 52 3e 3e 0a 65 6e 64 6f 62 6a 0a 36 30 37 20 30 20 6f 62 6a 0a 3c 3c 2f 46 69 6c 74 65 72 2f 46 6c 61 74 65 44 65 63 6f 64 65 0a 2f 53 75 62 74 79 70 65 2f 54 79 70 65 31 43 2f 4c 65 6e 67 74 68 20 35 34 35 3e 3e 73 74 72 65 61 6d 0a 78 9c 63 64 60 61 62 60 64 64 64 2d 2a a9 28 02 31 94 7e 48 33 fe 90 61 fa 21 c3 9c f1 db f4 e7 9a 9f f6 ac dd 3c cc dd 3c 2c 47 7e 5c 15 7a 23 f8 90 ff 96 00 03 13 23 a3 a0 68 58 6a 51 71 66 7e 9e 82 b1 9e 81 8e 82 7b 80 0f 58 3f 03 03 ab ad b6 3e 37 1f 03 83 1c 03 0f 83 00 23 17 23 37 03 1b d0 7c 06 16 06 25 06 77 86 08 86 6f 8c 17 7e d5 f0 fd 14 f8 2e Data Ascii: h 1000/CharSet(/equal/ff/ffi/plus/slash)/FontFile3 607 0 R>>endobj607 0 obj<</Filter/FlateDecode/Subtype/Type1C/Length 545>>streamxcd`ab`ddd-*(1~H3a!<<,G~\z##hXjQqf~{X?>7##7\|%wo~.
2022-10-07 04:04:05 UTC	1269	IN	Data Raw: 3c 3c 2f 54 79 70 65 2f 46 6f 6e 74 44 65 73 63 72 69 70 74 6f 72 2f 46 6f 6e 74 4e 61 6d 65 2f 51 41 43 45 4e 56 2b 43 4d 43 53 43 31 30 2f 46 6f 6e 74 42 42 6f 78 5b 30 20 2d 32 35 30 20 37 30 30 20 37 35 30 5d 2f 46 6c 61 67 73 20 31 33 31 31 30 34 0a 2f 41 73 63 65 6e 74 20 37 35 30 0a 2f 43 61 70 48 65 69 67 68 74 20 37 35 30 0a 2f 44 65 73 63 65 6e 74 20 2d 32 35 30 0a 2f 49 74 61 6c 69 63 41 6e 67 6c 65 20 30 0a 2f 53 74 65 6d 56 20 31 30 35 0a 2f 4d 69 73 73 69 6e 67 57 69 64 74 68 20 33 37 37 0a 2f 58 48 65 69 67 68 74 20 35 33 31 0a 2f 43 68 61 72 53 65 74 28 2f 61 2f 63 2f 63 6f 6d 6d 61 2f 64 2f 65 2f 66 2f 66 69 76 65 2f 68 79 70 68 65 6e 2f 69 2f 6b 2f 6c 2f 6d 2f 6e 2f 6f 2f 70 2f 71 75 6f 74 65 64 62 6c 6c 65 66 74 2f 71 75 6f 74 65 64 62 Data Ascii: <</Type/FontDescriptor/FontName/QACENV+CMCSC10/FontBBox[0 -250 700 750]/Flags 131104/Ascent 750/CapHeight 750/Descent -250/ItalicAngle 0/StemV 105/MissingWidth 377/XHeight 531/CharSet(/a/c/comma/d/e/f/five/hyphen/i/k/l/m/n/o/p/quotedblleft/quotedb
2022-10-07 04:04:05 UTC	1285	IN	Data Raw: 34 33 38 20 30 30 30 30 30 20 6e 20 0a 30 30 30 30 39 34 31 33 35 34 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 32 36 38 32 35 37 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 32 36 38 32 38 38 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 30 39 34 32 30 36 20 30 30 30 30 30 20 6e 20 0a 30 30 30 30 39 34 31 33 37 36 20 30 30 30 30 30 20 6e 20 0a 30 30 30 30 39 34 35 36 39 31 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 32 36 38 33 35 34 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 32 36 38 33 38 35 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 30 39 34 33 37 32 20 30 30 30 30 30 20 6e 20 0a 30 30 30 30 39 34 35 37 31 33 20 30 30 30 30 30 20 6e 20 0a 30 30 30 30 39 35 31 35 38 37 20 30 30 30 30 30 20 6e 20 0a 30 30 30 31 32 36 38 34 34 37 20 30 30 30 30 30 20 6e 20 0a 30 30 Data Ascii: 438 00000 n 0000941354 00000 n 0001268257 00000 n 0001268288 00000 n 0001094206 00000 n 0000941376 00000 n 0000945691 00000 n 0001268354 00000 n 0001268385 00000 n 0001094372 00000 n 0000945713 00000 n 0000951587 00000 n 0001268447 00000 n 00

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.22	49176	142.250.184.206	443	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2022-10-07 04:04:04 UTC	1	OUT	GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1 Host: clients2.google.com Connection: keep-alive X-Goog-Update-Interactivity: fg X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfm X-Goog-Update-Updater: chromecrx-84.0.4147.135 Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2022-10-07 04:04:04 UTC	1	IN	HTTP/1.1 200 OK Content-Security-Policy: script-src 'report-sample' 'nonce-M9DVGcdsX3Rr0pa4G-uSxw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 07 Oct 2022 04:04:04 GMT Content-Type: text/xml; charset=UTF-8 X-Daynum: 5757 X-Daystart: 75844 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2022-10-07 04:04:04 UTC	2	IN	Data Raw: 33 31 61 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 35 37 35 37 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 37 35 38 34 34 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22 Data Ascii: 31a<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="5757" elapsed_seconds="75844"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
2022-10-07 04:04:04 UTC	3	IN	Data Raw: 6d 78 76 59 6e 4d 76 4e 7a 49 30 51 55 46 58 4e 56 39 7a 54 32 52 76 64 55 77 79 4d 45 52 45 53 45 5a 47 56 6d 4a 6e 51 51 2f 31 2e 30 2e 30 2e 36 5f 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 2e 63 72 78 22 20 66 70 3d 22 31 2e 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 Data Ascii: mxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx" fp="1.81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" si
2022-10-07 04:04:04 UTC	3	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.22	49182	142.250.184.206	443	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2022-10-07 04:04:07 UTC	1289	OUT	GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc HTTP/1.1 Host: clients2.google.com Connection: keep-alive X-Goog-Update-Interactivity: bg X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfm X-Goog-Update-Updater: chromecrx-84.0.4147.135 Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2022-10-07 04:04:07 UTC	1290	IN	HTTP/1.1 200 OK Content-Security-Policy: script-src 'report-sample' 'nonce-9CEeeh5pfaQwsxad_GQLjQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 07 Oct 2022 04:04:07 GMT Content-Type: text/xml; charset=UTF-8 X-Daynum: 5757 X-Daystart: 75847 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2022-10-07 04:04:07 UTC	1291	IN	Data Raw: 33 31 61 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 35 37 35 37 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 37 35 38 34 37 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22 Data Ascii: 31a<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="5757" elapsed_seconds="75847"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
2022-10-07 04:04:07 UTC	1291	IN	Data Raw: 6d 78 76 59 6e 4d 76 4e 7a 49 30 51 55 46 58 4e 56 39 7a 54 32 52 76 64 55 77 79 4d 45 52 45 53 45 5a 47 56 6d 4a 6e 51 51 2f 31 2e 30 2e 30 2e 36 5f 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 2e 63 72 78 22 20 66 70 3d 22 31 2e 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 Data Ascii: mxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx" fp="1.81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" si
2022-10-07 04:04:07 UTC	1291	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Statistics

CPU Usage

• chrome.exe
• chrome.exe
• chrome.exe
• AcroRd32.exe
• RdrCEF.exe

Click to jump to process

Memory Usage

• chrome.exe
• chrome.exe
• chrome.exe
• AcroRd32.exe
• RdrCEF.exe

Click to jump to process

High Level Behavior Distribution

• File
• Registry

Click to dive into process behavior distribution

Click to jump to process

Target ID:	0
Start time:	06:04:13
Start date:	07/10/2022
Path:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Imagebase:	0x13f0d0000
File size:	1820656 bytes
MD5 hash:	6ACAE527E744C80997B25EF2A0485D5E
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Target ID:	1
Start time:	06:04:15
Start date:	07/10/2022
Path:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1044,10579008139269471097,5525965360181123181,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1448 /prefetch:8
Imagebase:	0x13f0d0000
File size:	1820656 bytes
MD5 hash:	6ACAE527E744C80997B25EF2A0485D5E
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Target ID:	4
Start time:	06:04:16
Start date:	07/10/2022
Path:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "https://www.cs.ru.nl/~F.vandenBroek/pub/scriptie.pdf
Imagebase:	0x13f0d0000
File size:	1820656 bytes
MD5 hash:	6ACAE527E744C80997B25EF2A0485D5E
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Target ID:	5
Start time:	06:04:23
Start date:	07/10/2022
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):	true
Commandline:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Downloads\scriptie.pdf
Imagebase:	0x1320000
File size:	2525680 bytes
MD5 hash:	2F8D93826B8CBF9290BC57535C7A6817
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Target ID:	6
Start time:	06:04:27
Start date:	07/10/2022
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Imagebase:	0xef0000
File size:	9805808 bytes
MD5 hash:	326A645391A97C760B60C558A35BB068
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Source: global traffic	HTTP traffic detected: GET /~F.vandenBroek/pub/scriptie.pdf HTTP/1.1Host: www.cs.ru.nlConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-84.0.4147.135Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: bgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-84.0.4147.135Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49176
Source: unknown	Network traffic detected: HTTP traffic on port 49182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49174
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49173
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49182
Source: unknown	Network traffic detected: HTTP traffic on port 49175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49174 -> 443

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.cs.ru.nl/~F.vandenBroek/pub/scriΡtie.pdf

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Networking

System Summary

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Cache\data_1

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF3ea41c.TMP (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-221007130429Z-165.bmp

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

C:\Users\user\Downloads\c430504f-84f6-45ed-b1de-8e6155bdccc0.tmp

C:\Users\user\Downloads\scriptie.pdf (copy)

C:\Users\user\Downloads\scriptie.pdf.crdownload

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

High Level Behavior Distribution

back

Behavior

System Behavior

Analysis Process: chrome.exePID: 2128, Parent PID: 2172

General

File Activities

Windows Analysis Report
https://www.cs.ru.nl/~F.vandenBroek/pub/scriΡtie.pdf